Is hellno/jack-cloud safe?
https://github.com/openclaw/skills/tree/main/skills/hellno/jack-cloud
The jack-cloud skill is a clean documentation file for a legitimate Cloudflare Workers deployment CLI tool. No prompt injection, hidden instructions, executable code, git hooks, or unauthorized file access were detected during install. The primary risks are inherent to its purpose: source code is uploaded to a third-party service (Jack Cloud) during deployment, and the skill recommends installing an external npm package (@getjack/jack) that was not directly audited here.
Findings (5)
LOW Global npm package install required -15
The skill requires npm i -g @getjack/jack to function. The skill files themselves contain no executable code, hooks, or install scripts, but the recommended CLI tool is a third-party package with its own dependency tree, which was not audited here.
LOW Source code transmitted to third party during deployment -12
The core deployment operation uploads user source code to Jack Cloud (control.getjack.org). This is transparently documented and expected for a deployment tool, but users should be aware that any code in the project directory is transmitted externally.
LOW Silent MCP-based deployments possible -6
When mcp__jack__* tools are available, the skill directs agents to use them silently rather than surfacing CLI output. Deployments, database writes, and project creation can occur without visible CLI confirmation.
LOW Auth token written to disk -6
The OAuth token is stored at ~/.config/jack/auth.json after the first login. This is standard practice, but it is a persistent credential readable by any process running as the same user.
INFO Install is a documentation-only sparse clone 0
The install process performed a shallow sparse clone of the openclaw/skills monorepo, extracted only the skill directory, and removed the clone. No code was executed from the skill files during install. Filesystem diff shows only the three expected skill files added.