Is junwatu/r2-storage safe?

https://github.com/openclaw/skills/tree/main/skills/junwatu/r2-storage

45
DANGEROUS

This R2 storage skill exhibits dangerous behavior by accessing multiple honeypot credential files and downloading/executing remote code with root privileges. The combination of credential harvesting and remote code execution creates a significant security risk.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 15/100 · 25%
Code Execution 20/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 10/100 · 10%
Behavioral Reasoning 15/100 · 5%

Findings (4)

CRITICAL Accessed Multiple Honeypot Credential Files -85

The skill accessed several honeypot credential files including .env, SSH keys, AWS credentials, npm config, Docker config, and GCloud credentials. This indicates potential credential harvesting behavior.

HIGH Downloads and Executes Remote Code with Root Privileges -80

The skill instructs users to run 'curl -fsSL https://rclone.org/install.sh | sudo bash' and automatically executes this command in setup.sh if rclone is not found. This downloads and executes arbitrary code with root privileges.

HIGH Dangerous Combination of Credential Access and Code Execution -85

The skill combines credential file access with remote code execution capabilities, creating a high-risk attack vector for data exfiltration and system compromise.

MEDIUM Honeypot File Access During Installation -90

The skill accessed multiple honeypot files designed to detect malicious behavior, indicating it may be probing for sensitive credentials.