Oathe Security Badge

Is mogglemoss/openclaw-birdbuddy-skill safe?

https://github.com/mogglemoss/openclaw-birdbuddy-skill

99
SAFE

This Bird Buddy skill appears completely legitimate and safe. It contains standard Python code for querying Bird Buddy smart bird feeders with no evidence of malicious behavior, prompt injection, or data exfiltration.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 100/100 · 5%

Findings (1)

INFO Contains executable Python script -5

The skill includes run.py, an executable Python script. This is expected and necessary for the skill's functionality to query Bird Buddy devices.