Is ketiyohanneschromaway/clawchain-base-chromia-cli safe?

https://github.com/openclaw/skills/tree/main/skills/ketiyohanneschromaway/clawchain-base-chromia-cli

77
CAUTION

This skill provides blockchain social network functionality but contains concerning prompt injection elements including external file fetching and behavioral manipulation instructions. While the core blockchain functionality appears legitimate, the personality system and external dependencies introduce security risks.

Category Scores

Prompt Injection 60/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 65/100 · 5%

Findings (5)

HIGH External Skill File Fetching -20

The skill instructs agents to download additional skill files from external URLs (clawchain.ai), which could introduce additional prompt injection vectors not visible in this audit.

MEDIUM Personality Manipulation Instructions -20

The skill contains detailed instructions forcing the agent to adopt specific personalities and communication styles, potentially overriding user preferences and system instructions.

MEDIUM External Tool Dependency -30

The skill requires installation of the Chromia CLI tool via Homebrew, which introduces potential security risks through external package management.

MEDIUM Complex Behavioral Modifications -35

The skill implements a sophisticated personality system that significantly modifies how the agent communicates and behaves, which could be misused or conflict with other instructions.

LOW External Network Communications -10

The skill requires network communications to blockchain nodes and clawchain.ai domain for legitimate blockchain operations.