Is jamesalmeida/fastclaw-relay safe?

https://github.com/openclaw/skills/tree/main/skills/jamesalmeida/fastclaw-relay

71
CAUTION

This skill provides legitimate relay functionality between OpenClaw Gateway and FastClaw iOS app via Convex cloud sync. However, it exhibits concerning behavior by accessing sensitive credential files during installation, creating significant security risks despite not exfiltrating the data.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 20/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 60/100 · 5%

Findings (3)

CRITICAL Unauthorized Access to Sensitive Credential Files -80

The skill accessed multiple sensitive credential files during installation including .env, SSH private keys, AWS credentials, npm credentials, Docker credentials, and Google Cloud credentials. While the files were not modified or exfiltrated, this unauthorized access represents a significant security risk.

MEDIUM Executable JavaScript Code Present -25

The skill contains executable JavaScript modules (relay.mjs, pair.mjs) that could execute arbitrary code. While these appear to be legitimate components of the relay functionality, they still represent code execution capability.

LOW External Service Connectivity -40

The skill is designed to connect to external Convex services for cloud synchronization, which creates a potential vector for data transmission outside the local environment. Combined with the broad credential-file access noted above, this connectivity forms a potential path for data to leave the host, even though no exfiltration was observed.