Is leoyessi10-tech/context-engineering safe?
https://github.com/openclaw/skills/tree/main/skills/leoyessi10-tech/context-engineering
The context-compression skill is a well-structured, educational document covering context window management strategies for AI agents, accompanied by a Python reference implementation using only standard library imports. No prompt injection patterns, data exfiltration instructions, malicious code, or suspicious network activity were detected during installation. The skill is safe to install.
Category Scores
Findings (4)
LOW Python reference script with stubbed LLM API call comments -5 ▶
scripts/compression_evaluator.py is a 300-line pure-stdlib Python demonstration of a compression evaluation framework. It includes a commented-out code block showing how a production system would call an OpenAI-compatible API. The actual runnable code path is a local heuristic stub. No network calls, no file access beyond in-memory data structures, and no auto-execution mechanism.
INFO Cloned from public GitHub monorepo via expected sparse-checkout flow 0 ▶
Installation used the standard openclaw/skills monorepo sparse-checkout pattern. Connections were exclusively to github.com (140.82.112.3). No DNS queries to unexpected domains.
INFO SKILL.md is purely educational documentation 0 ▶
The skill contains no instructions that attempt to override user preferences, modify agent persona, suppress output, fetch external URLs, or chain with other skills in unexpected ways. Content is a technical guide covering three context compression strategies with evaluation methodology.
INFO Canary file syscall accesses are attributable to GNOME session startup, not the skill 0 ▶
File access syscalls for .env, .ssh/id_rsa, .aws/credentials, and other sensitive files occur at timestamp 1771904881 (6 seconds before the git clone at 1771904887) and at 1771904898 (consistent with periodic audit framework polling). No process spawned by the skill installation accessed these files.