Oathe Security Badge

Is novyxlabs/novyx-compliance safe?

https://github.com/novyxlabs/novyx-compliance

99
SAFE

This compliance audit skill appears legitimate and safe. It provides audit trail export and verification functionality through standard API calls to the Novyx service. No malicious behavior, prompt injection attempts, or unauthorized file access were detected.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 98/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 100/100 · 5%

Findings (1)

LOW External API Communication -2

The skill communicates with the external Novyx API endpoint (novyx-ram-api.fly.dev) to retrieve audit logs, export compliance data, and verify trace signatures. This is the legitimate and expected behavior for a compliance audit tool, but it does involve transmitting data to external systems.