Oathe Security Badge

Is skill/proton-pass safe?

https://clawhub.ai/skill/proton-pass

95
SAFE

This skill provides comprehensive documentation for the Proton Pass CLI password manager and appears completely legitimate. No malicious behavior, prompt injection attempts, or unauthorized data access was detected during analysis.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

INFO References credential files -10

The documentation references various credential files (.env, SSH keys, AWS credentials) as part of legitimate Proton Pass CLI functionality for password management.

INFO Network connections during installation -5

Installation made legitimate network connections to clawhub.ai and Proton endpoints for fetching skill content.

LOW Powerful credential management capabilities -10

While legitimate, this skill provides comprehensive guidance for managing sensitive credentials, SSH keys, and passwords through Proton Pass CLI.