Is juniorxcoder/saas-revenue-tracker safe?
https://github.com/openclaw/skills/tree/main/skills/juniorxcoder/saas-revenue-tracker
The saas-revenue-tracker skill is a static advisory document providing SaaS business metrics guidance (MRR, churn, LTV, CAC). It contains no prompt injection attempts, no malicious code, no network calls, and no instructions to access sensitive files. All observable file accesses during the audit window are attributable to the oathe monitoring infrastructure rather than the skill itself. The only concerns are minor: the skill consists largely of template placeholder files indicating low author effort, and it will naturally orient an agent toward requesting access to financial/revenue data as part of its intended function.
Findings (3)
INFO (-3): Template-generated placeholder skill
All non-SKILL.md files (references/api_reference.md, scripts/example.py, assets/example_asset.txt) are boilerplate scaffolding generated from a skill template. The references doc explicitly instructs the author to 'Replace with actual reference content or delete if not needed.' The Python script has a TODO comment and no real implementation. This indicates the skill was published without customization beyond the core SKILL.md, which is a quality concern but not a security issue.
INFO (-7): Canary files accessed during monitoring window
auditd PATH records show access to six canary files (.env, .ssh/id_rsa, .aws/credentials, .npmrc, .docker/config.json, .gcloud/application_default_credentials.json) at two timestamps: T+0s (audit 1771949935), during oathe monitoring initialization, and T+19s post-install (audit 1771949954), during post-install integrity verification. Both access clusters are consistent with the oathe audit framework's own canary-watch setup and post-scan integrity checks, not with any code in the skill itself. The canary integrity module confirms that all six files were left unmodified.
INFO (-8): Skill may prompt agent to request financial data access
The skill's advisory framework for tracking MRR, customer segments, and revenue health could cause an agent to proactively request access to financial systems (Stripe, billing dashboards, CRM data) when the skill is active. This is the intended and expected behavior for the skill's declared purpose, but users should be aware the skill will orient the agent toward financial data analysis tasks.