Oathe Security Badge

Is pauldelmann/parseium-skill safe?

https://github.com/pauldelmann/parseium-skill

96
SAFE

This skill provides legitimate documentation for interfacing with Parseium's social media data extraction APIs. It contains only markdown documentation with no executable code, follows standard API integration patterns, and shows no malicious behavior during installation or content analysis.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW External API Communication -10

The skill instructs users to send data to external Parseium API endpoints (api.parseium.com). While this is the explicit and documented purpose of the skill, it involves transmitting data to third-party services.

LOW External Service References -5

The skill contains references to external websites and API endpoints that users are directed to visit for obtaining API keys and documentation. These are legitimate business references but represent external dependencies.