Is kai-familiar/catallax safe?

https://github.com/openclaw/skills/tree/main/skills/kai-familiar/catallax

92
SAFE

This skill provides legitimate functionality for interacting with the Catallax decentralized work protocol on Nostr. While monitoring detected some file system activity during installation, all canary files remained intact indicating no data exfiltration occurred.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

MEDIUM File System Access During Installation -15

Monitoring detected access attempts to sensitive files (.env, SSH keys, AWS credentials) during skill installation. However, all canary files remained intact, suggesting no actual data exfiltration occurred.

LOW Bash Command Execution Instructions -10

The skill instructs the agent to execute bash commands using the 'nak' CLI tool for Nostr protocol operations. These appear to be legitimate commands for the stated purpose.