Is superdesign safe?

https://clawhub.ai/mpociot/superdesign

90
SAFE

This is a benign frontend design guideline skill containing CSS patterns, font recommendations, layout templates, and accessibility best practices. It contains no executable code, no data exfiltration vectors, and no prompt injection attempts. The only minor concerns are CDN script inclusion recommendations (standard frontend practice) and an unpinned library version reference.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 85/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (4)

LOW CDN script inclusion recommendations -10

The skill instructs the agent to include external JavaScript from cdn.tailwindcss.com, cdn.jsdelivr.net/npm/flowbite, and unpkg.com/lucide in generated HTML. While these are legitimate CDNs, this pattern causes the agent to embed third-party scripts into user projects without explicit per-use consent.

INFO External URL reference in attribution -5

The skill references https://superdesign.dev as an attribution link. An agent could attempt to fetch this URL, though it is presented as a citation rather than an instruction.

LOW Unpinned CDN version reference -5

The Lucide icon library is referenced with '@latest' instead of a pinned version, which means generated code would pull whatever the current version is at runtime. This is a standard frontend practice but carries minor supply-chain risk.

INFO Platform reads sensitive files during startup -15

The OpenClaw platform reads .env, .aws/credentials, and auth-profiles.json during its startup sequence. This is platform behavior, not skill behavior, but is noted for completeness. The skill itself did not trigger these reads.