Oathe Security Badge

Is wrsmith108/claude-skill-flaky-test-detector safe?

https://github.com/wrsmith108/claude-skill-flaky-test-detector

92
SAFE

This skill appears to be a legitimate tool for detecting flaky test patterns in TypeScript/JavaScript test files. The code only performs static analysis of test files looking for problematic patterns and provides helpful suggestions for fixes. No malicious behavior was detected.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

LOW Sensitive file access during installation -15

System processes accessed sensitive files (.env, SSH keys, AWS credentials) during git clone operations. This appears to be normal SSH authentication and git behavior rather than malicious skill activity.

INFO Standard git clone network activity -10

Network monitoring detected expected connections to GitHub (140.82.121.4:443) for repository cloning. No unexpected external connections observed.