Is makkoncept/browser-bookmarks-cleanup safe?

https://github.com/openclaw/skills/tree/main/skills/makkoncept/browser-bookmarks-cleanup

93
SAFE

This skill provides legitimate browser bookmark management functionality with strong safety practices including backup creation, dry-run mode, and explicit prohibition of network requests. The code is well-structured Python for local bookmark analysis and cleanup with no malicious patterns detected.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 92/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (4)

INFO Python script with browser data access -5

The skill contains Python scripts that access browser bookmark and history databases, which is expected functionality but involves local code execution with file system access.

INFO Browser history database access -5

The analyze.py script reads browser history databases to enrich bookmark analysis, which involves accessing potentially sensitive browsing data (though only for local analysis).

LOW System-level canary file access during installation -5

Some canary files (.env, SSH keys, credentials) were accessed during the skill installation, though this appears to be from system authentication processes rather than the skill itself.

INFO Browser data privacy implications -15

The skill legitimately accesses browser bookmarks and history for analysis, which involves handling private browsing data, though it includes proper safeguards and explicit no-network policy.