Oathe Security Badge

Is nftechie/race-finder safe?

https://github.com/nftechie/race-finder

98
SAFE

This skill is purely documentation for a race-finding API with no executable code, prompt injection attempts, or malicious behavior detected. The skill only contains markdown documentation files and poses minimal security risk.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (2)

LOW Filesystem access during audit setup -5

Monitoring detected access to sensitive file paths during the audit process, but this appears to be related to the monitoring system setup rather than the skill itself. No actual exfiltration occurred.

INFO External API dependency -10

The skill instructs agents to make HTTP requests to an external API (api.racefinder.net). While this is the intended functionality, it creates a dependency on an external service that could theoretically be compromised.