Is lucky-2968/clawdbot-filesystem-1-0-2 safe?

https://github.com/openclaw/skills/tree/main/skills/lucky-2968/clawdbot-filesystem-1-0-2

94
SAFE

This filesystem skill appears to be primarily documentation and configuration files without malicious intent. While it claims broad filesystem access capabilities, the current implementation is incomplete and missing key executable components.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (4)

LOW External social media reference -5

The skill documentation includes references to following @LexpertAI on Twitter/X for updates. While presented as informational, external references should be minimized.

MEDIUM Broad filesystem access claims -10

The skill claims to provide 'comprehensive file and directory operations' with advanced filtering, searching, and batch processing capabilities, which could potentially access sensitive files if fully implemented.

MEDIUM Missing executable file -10

The package.json references a 'filesystem' executable in the bin field, but no such file is present in the skill package. This could cause runtime errors if users attempt to execute the skill.

LOW Incomplete implementation -10

The skill appears to be incomplete with missing executable components, which could lead to functionality issues or user frustration when attempting to use the advertised filesystem operations.