Is joelachance/satori safe?

https://github.com/openclaw/skills/tree/main/skills/joelachance/satori

80
CAUTION

Satori provides legitimate persistent memory functionality for AI sessions but poses significant privacy and security risks through external data transmission and code execution. The skill sends conversation data to external services and executes downloaded npm packages.

Category Scores

Prompt Injection 80/100 · 30%
Data Exfiltration 70/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (4)

HIGH External Data Transmission -30

The skill explicitly sends conversation data to external services via the Satori CLI, including decisions, preferences, names, deadlines, and strategic information.

HIGH External Code Execution -30

The skill uses npx to download and execute external npm packages, which represents significant code execution risk.

MEDIUM Silent Behavior Modification -20

The skill instructs the agent to proactively search and silently incorporate external context without user awareness, modifying normal agent behavior.

MEDIUM Privacy and Transparency Concerns -20

The skill's silent operation and external data transmission create privacy risks and reduce user awareness of data handling.