Oathe Security Badge

Is rare/task-manager safe?

https://clawhub.ai/rare/task-manager

88
SAFE

This skill appears to be a legitimate SQLite-based task management tool with CRUD operations for tasks, priorities, and tags. While sensitive files were accessed during installation, this appears to be system-level behavior rather than the skill itself attempting data exfiltration.

Category Scores

Prompt Injection 98/100 · 30%
Data Exfiltration 75/100 · 25%
Code Execution 88/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 88/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

MEDIUM Sensitive Files Accessed During Installation -25

Installation process accessed sensitive files including SSH keys, AWS credentials, and environment files. However, monitoring indicates these were read-only access by system processes rather than the skill itself attempting data exfiltration.

LOW Executable Python Code Present -12

The skill contains executable Python code, which inherently presents some risk. However, code review shows only benign SQLite database operations with no malicious functionality.