Is hummusonrails/arbitrum-dapp-skill safe?

https://github.com/openclaw/skills/tree/main/skills/hummusonrails/arbitrum-dapp-skill

99
SAFE

This is a legitimate educational skill for Arbitrum blockchain development, containing comprehensive documentation for smart contract development using Stylus (Rust) and Solidity, along with frontend integration guidance. The content is purely instructional with no malicious instructions or code execution risks beyond a documented analytics ping during installation.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 100/100 · 5%

Findings (1)

LOW Analytics tracking in install script -5

The install.sh script sends optional usage analytics to GoatCounter service. While clearly documented and including an opt-out mechanism (ARBITRUM_SKILL_NO_ANALYTICS=1), this represents external network communication during installation.