Is hazy2go/agent-defibrillator safe?

https://github.com/openclaw/skills/tree/main/skills/hazy2go/agent-defibrillator

82
SAFE

The Agent Defibrillator is a legitimate system monitoring tool that automatically restarts crashed AI agent processes. While it requires elevated privileges and has significant system access capabilities, the code is well-documented, serves its stated purpose, and shows no signs of malicious behavior.

Category Scores (score · weight)

Prompt Injection 90/100 · 30%
Data Exfiltration 80/100 · 25%
Code Execution 60/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 70/100 · 5%

Findings (4)

MEDIUM Privileged System Process Control -25

The skill installs as a launchd daemon with capabilities to monitor, kill, and restart system processes. While legitimate for its stated purpose, this represents significant system access that could be misused.

MEDIUM External Communication Capability -15

The skill includes optional Discord notification functionality that could theoretically be repurposed for data exfiltration, though it is clearly documented and requires explicit configuration.

LOW Remote Code Download -15

The installation script downloads executable code from a remote GitHub repository, though from a documented and legitimate source.

INFO Persistent System Service -5

The skill installs as a persistent system service that runs continuously, which could provide an attack surface if compromised, though this is expected for monitoring functionality.