Oathe Security Badge

Is lijinnair/skillforge safe?

https://github.com/lijinnair/skillforge

98
SAFE

Skillforge is a legitimate meta-skill for generating, upgrading, and auditing Claude Code and Antigravity skills. It follows transparent practices with user checkpoints and includes comprehensive validation checklists. All external URL fetching serves documented purposes for retrieving best practices and searching skill marketplaces.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW External URL fetching for documentation -5

The skill fetches external URLs including Claude Code and Antigravity documentation sites, plus searches multiple skill marketplaces. While these appear legitimate and serve the stated purpose, they introduce external dependencies.

LOW Meta-skill generates other skills -5

As a skill that generates other skills, there is theoretical potential for misuse if the skill logic were compromised. However, generated skills would still require user review and the current implementation includes validation checklists.