Oathe Security Badge

Is nashsu/opencli-rs-skill safe?

https://github.com/nashsu/opencli-rs-skill

84
SAFE

This skill provides extensive social media and web platform integration through the opencli-rs CLI tool. While functionally legitimate, it raises security concerns: installation requires running a remote script, and its write capabilities create potential for social media manipulation. The skill also attempts to override normal agent behavior patterns.

Category Scores

Prompt Injection 80/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (5)

HIGH Remote Shell Script Installation -25

The skill instructs the agent to install software by executing a remote shell script through a curl-pipe-to-shell command, which carries significant security risk.

MEDIUM Agent Behavior Override -15

The skill contains instructions that override normal agent behavior, mandating the use of opencli-rs and forbidding the agent from stating that certain tools are unsupported.

MEDIUM Social Media Write Operations Risk -20

The skill enables posting, commenting, and liking across 55+ social platforms, which could be used for spam or reputation manipulation if misused.

LOW Personal Data Access -10

The skill accesses personal data such as bookmarks, history, and private feeds, although this appears to be legitimate functionality.

LOW JavaScript Execution in YAML -5

The skill's YAML templates include JavaScript code execution capabilities that could potentially be exploited.