Is kflohr/telecom-agent-skill safe?

https://github.com/openclaw/skills/tree/main/skills/kflohr/telecom-agent-skill

94
SAFE

This skill contains only documentation describing fictional telecom functionality with non-existent commands and references to external services. While not malicious, it could mislead users about available capabilities.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (2)

MEDIUM Fictional telecom functionality -15

The skill presents itself as providing real telecom capabilities through commands like 'telecom onboard' and 'telecom campaign create', but these commands don't actually exist. This could mislead users about available functionality.

LOW References external telecom services -20

The skill mentions connecting to Twilio accounts and handling phone numbers for mass dialing, which could have privacy and legal implications if users attempt to implement such functionality.