Is ivangdavila/reflection safe?
https://clawhub.ai/ivangdavila/reflection
This is a legitimate quality assurance skill: it evaluates work before delivery and learns from user corrections so the same mistake is not repeated. Its installation did read sensitive files, but the scan attributes those reads to system operations during setup rather than to malicious behavior, and found no modification or exfiltration of data.
Findings (4)
MEDIUM Sensitive Files Accessed During Installation -25
During installation the skill read sensitive canary files, including .env, SSH keys, and AWS credentials. No data was modified or exfiltrated, and the scan attributes the reads to system operations rather than to the skill's own logic. A reviewer should still confirm which install step performed them: a git clone over HTTPS needs none of these files, and a clone over SSH needs only the SSH key, so reads of .env or AWS credentials are not explained by the clone itself.
LOW Information Accumulation Risk -15
The skill keeps persistent memory files in ~/reflection/ that accumulate user interaction patterns, corrections, and project insights over time. Anything a user pastes into a correction, including credentials, can end up in these files, so an attacker who reaches the home directory gains a curated record of how the user works; the directory should be readable only by its owner and reviewed for secrets.
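As an added example, not part of the scan report or of the skill's own code, the following POSIX shell script audits a memory directory of this kind: it flags a directory that is not owner-only (mode 700), files that are not mode 600, and lines that look like credentials (AWS access key IDs, private key headers, SECRET/PASSWORD/TOKEN assignments). The sample directory and its corrections file are constructed here to show what a pasted key would look like; the ~/reflection/ path and the file names are assumptions, since the page does not list them.

```shell
#!/bin/sh
# Added example: audit a skill's memory directory (assumed ~/reflection/) for
# loose permissions and secret-like content. Not the skill's or the scan's code.

# Constructed sample: a corrections log into which a user pasted a credential.
# The AKIA... key is the AWS documentation example key, not a real one.
make_sample_dir() {
  base=$(mktemp -d)
  mkdir -p "$base/reflection"
  chmod 755 "$base/reflection"                 # deliberately too open
  cat > "$base/reflection/corrections.md" <<'EOF'
- 2024-05-01: user said to use the staging bucket, not prod
- 2024-05-02: user pasted config: AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
- 2024-05-03: prefer tabs over spaces in Makefiles
-----BEGIN OPENSSH PRIVATE KEY-----
EOF
  chmod 644 "$base/reflection/corrections.md"  # world-readable
  printf '%s\n' "$base/reflection"
}

# Print the octal permission bits of a path (GNU stat, then BSD stat fallback).
mode_of() {
  stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Audit one directory. Each problem is reported on stderr; the total number
# of problems (permission issues plus credential-like lines) is echoed to
# stdout so callers can branch on it.
audit_memory_dir() {
  d=$1
  n=0
  m=$(mode_of "$d")
  if [ "$m" != "700" ]; then
    echo "perm: $d is mode $m, expected 700" >&2
    n=$((n + 1))
  fi
  # Include dotfiles; skip anything that is not a regular file.
  for f in "$d"/* "$d"/.[!.]*; do
    [ -f "$f" ] || continue
    fm=$(mode_of "$f")
    if [ "$fm" != "600" ]; then
      echo "perm: $f is mode $fm, expected 600" >&2
      n=$((n + 1))
    fi
    # grep -c exits 1 when nothing matches, so keep the count without aborting.
    hits=$(grep -cE 'AKIA[0-9A-Z]{16}|BEGIN [A-Z ]*PRIVATE KEY|(SECRET|PASSWORD|TOKEN)[A-Z_]*=' "$f" || true)
    if [ "$hits" -gt 0 ]; then
      echo "secret: $f has $hits credential-like line(s)" >&2
      n=$((n + hits))
    fi
  done
  echo "$n"
}

# Usage on a real installation (assumed path):
#   . ./audit_memory.sh && audit_memory_dir "$HOME/reflection"
# On the constructed sample the audit reports 4 problems: the 755 directory,
# the 644 file, the pasted AWS key, and the private key header.
```

Tightening the modes (chmod 700 on the directory, 600 on the files) removes the two permission findings, but the credential lines remain and should be scrubbed from the memory files by hand, since the skill will otherwise keep re-reading them.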
LOW File System Access for Memory -10
The skill requests file system access to create and maintain its memory files; this is clearly disclosed and necessary for its stated functionality.
INFO Standard Git Operations -5
Installation consisted of normal git clone operations, with the expected network connections to GitHub and DNS resolution.