Is lindsay-pettingill/clawdbot-for-vcs safe?

https://github.com/openclaw/skills/tree/main/skills/lindsay-pettingill/clawdbot-for-vcs

89
SAFE

This VC workflow automation skill appears legitimate, with comprehensive documentation and built-in safety measures. The primary concern is sensitive file access during installation, but canary integrity checks confirm no data was exfiltrated.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 75/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 95/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (2)

MEDIUM Sensitive file access during installation -25

The installation process accessed multiple sensitive files, including .env, SSH keys, AWS credentials, and other configuration files. However, the canary integrity check confirms that no actual exfiltration occurred.

INFO Requires extensive permissions -15

The skill requires broad access to the Gmail, Google Calendar, and Affinity CRM APIs. While justified by its VC workflow automation purpose, this creates a high-privilege attack surface.