Is jrswab/slipbot safe?

https://github.com/openclaw/skills/tree/main/skills/jrswab/slipbot

97
SAFE

Slipbot is a legitimate note-taking and knowledge management skill that creates and organizes markdown files with tagging and linking capabilities. The skill operates within a designated directory structure and shows no malicious intent or security risks.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW System command execution instruction -5

The skill instructs the agent to run 'pwd' command to get current directory. While this is a safe, standard command used for legitimate functionality, it represents a system command execution instruction.

INFO Potential performance impact from file operations -5

The skill creates multiple markdown files and maintains a JSON graph index which could impact performance with extensive use, though this poses no security risk.