Is pateljig4545/prompt-engineer-skill safe?

https://github.com/pateljig4545/prompt-engineer-skill

45
DANGEROUS

This skill appears to be a social engineering attack disguised as a legitimate prompt engineering tool. While the core SKILL.md functionality may be benign, the README explicitly instructs users to download and execute zip files presented as required 'applications', which is a classic malware distribution technique.

Category Scores

Prompt Injection 60/100 · 30%
Data Exfiltration 20/100 · 25%
Code Execution 10/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 5/100 · 5%

Findings (5)

CRITICAL Social Engineering Malware Distribution -90

The README.md file contains explicit instructions for users to download zip files from the repository and execute them as 'applications'. This is a classic malware distribution technique disguised as legitimate software installation instructions.

CRITICAL Encouragement of External File Download -80

The README actively directs users to download executable zip files from raw GitHub URLs, presenting them as required 'applications' when Claude Code skills do not require separate installations.

HIGH Repository Metadata Mismatch -45

The package.json references a different repository (repo-phuocdt/prompt-engineer-skill) than the current one being audited (pateljig4545/prompt-engineer-skill), suggesting this may be a malicious fork of legitimate work.

HIGH Trojan Horse Behavior Pattern -50

The skill appears functional for prompt engineering but uses this legitimate-seeming purpose as cover for social engineering users into downloading potentially malicious executables.

MEDIUM Misleading Installation Instructions -40

The README contains false information about needing to install separate 'applications' with system requirements, which could confuse users and lower their guard against the social engineering attack.