Is maxfritzhand/bolta-skills-index safe?
https://github.com/openclaw/skills/tree/main/skills/maxfritzhand/bolta-skills-index
This is a legitimate skill registry that provides discovery and installation guidance for a broader ecosystem of social media automation skills. While it contains no executable code and poses no direct security threats, it serves as a trust anchor for a larger ecosystem and extensively references external services for setup and authentication.
Findings (4)
MEDIUM Extensive External URL References -20
The skill contains numerous instructions directing users to external websites including bolta.ai/register, platty.boltathread.com, and GitHub repositories. While legitimate for a registry service, this creates a dependency on external domains.
LOW Ecosystem Trust Implications -15
This skill serves as a registry and trust anchor for a larger ecosystem of 21+ skills. Users may develop trust in the entire ecosystem based on this registry, which could be problematic if other skills in the ecosystem are compromised.
LOW Credential Handling Guidance -10
The skill provides extensive instructions on handling API keys and sensitive credentials, which could normalize risky credential handling behaviors if users don't follow security best practices.
INFO System Process File Access -2
Monitoring detected access to sensitive files (.env, SSH keys, AWS credentials), but analysis shows this was from system processes (sshd, sudo) during audit setup, not from the skill itself.