Oathe Security Badge

Is josephliver623/openbook safe?

https://clawhub.ai/josephliver623/openbook

95
SAFE

The OpenBook skill appears to be a legitimate interface for sharing information about places and businesses through an external platform. It contains no malicious code, prompt injection attempts, or data exfiltration mechanisms, and properly requires user consent before sharing information.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

LOW External Service Communications -10

The skill connects to openbook.now (216.150.1.1) during operation, which introduces dependency on external infrastructure. While documented and legitimate, this creates potential risk if the external service is compromised.

INFO External Platform Dependency -10

Skill functionality relies entirely on the external OpenBook platform for data storage and retrieval. Users should be aware that data shared through this skill will be stored on third-party infrastructure.

INFO Installation Network Activity -5

During installation, the skill made network connections beyond the standard clawhub registry, including DNS resolution and HTTPS connections to the OpenBook service.