Is jonnyfmiller/claw-score safe?

https://github.com/openclaw/skills/tree/main/skills/jonnyfmiller/claw-score

68
CAUTION

This skill presents a significant privacy risk by design, systematically collecting sensitive agent configuration files and transmitting them to external servers. While potentially offering legitimate audit services, it requires users to share complete agent secrets with a third party.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 5/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 15/100 · 5%

Findings (4)

CRITICAL Comprehensive Agent Configuration Exfiltration -95

The skill is specifically designed to read sensitive agent configuration files including AGENTS.md (complete instructions), SECURITY.md (security rules), MEMORY.md, TOOLS.md, and other critical files, then transmit all this data to an external server at atlasforge.me. This represents complete exposure of agent secrets and configuration details.

HIGH Insufficient Data Sanitization -10

The skill uses basic regex patterns to sanitize sensitive data before transmission, but these patterns may not catch all credential formats or sensitive information, potentially allowing secrets to leak to the external service.

MEDIUM Third-Party Agent Intelligence Harvesting Risk -85

If widely adopted, this skill could enable comprehensive harvesting of agent configurations, creating a centralized database of agent behavior patterns and potential vulnerabilities that could be exploited or compromised.

LOW Shell Command Execution for Data Processing -15

The skill executes various shell commands, including sed for sanitization, python3 for JSON processing, and curl for HTTP transmission. While these appear necessary for the stated functionality, they do represent code execution.