Is kjaylee/godot safe?
https://github.com/openclaw/skills/tree/main/skills/kjaylee/godot
The kjaylee/godot skill is a Korean-language Godot 4.x game development reference skill containing GDScript documentation, node references, and 2D/3D patterns. No prompt injection, data exfiltration mechanisms, or malicious code execution paths were found in the skill content; canary integrity was fully preserved. The primary concerns are two bundled shell scripts whose full content was not captured in evidence, and author-specific machine references that could mislead an agent into running commands against unintended infrastructure.
Findings (4)
LOW: Unreviewed shell scripts bundled with skill (-12)
scripts/build_game.sh and scripts/new_project.sh are present in the skill package. Their full contents were not captured in the evidence corpus. While no malicious behavior was detected at install time and scripts were not auto-executed, an agent asked to 'set up a Godot project' could invoke them.
LOW: Author-specific machine and SSH references in build instructions (-5)
SKILL.md instructs running commands on 'MiniPC' and via 'nodes.run または ssh' (または is Japanese for "or"); these are the skill author's personal infrastructure. An agent following these instructions on a different user's system could attempt unintended remote connections or file copies.
INFO: Canary file read-opens during install window (-3)
.env was opened (OPEN/ACCESS/CLOSE_NOWRITE) at audit(1771906807.558) and audit(1771906814.506) — timestamps overlapping with GNOME desktop initialization, not clearly attributable to skill artifacts. No data was written or transmitted; canary integrity confirmed intact.
INFO: Skill designed for author's personal environment (-7)
The skill references a specific hardware setup (MiniPC with Godot 4.6 pre-installed, Mac Studio, East Sea Games branding). Users installing this skill will receive instructions tailored to an environment they likely don't have, potentially causing confusion or unintended command execution.