Safepaste

Pass

Audited by VirusTotal on May 11, 2026.

Findings (1)

The skill is classified as suspicious due to its reliance on high-risk capabilities, including direct execution of shell commands (`mkdir`, `cp`, `ls`, `clawhub install`) and instructions that leverage prompt injection techniques against the agent itself. While these capabilities are plausibly needed for the skill's stated purpose of configuration analysis, backup, rollback, and safe skill installation, they represent a significant attack surface. Specifically, the `clawhub install` command, though intended for safe skill management, allows the agent to install new software. Additionally, the instructions for the agent to 'Use everything you know about this user from your conversations, workspace files, and active projects' are a form of prompt injection, even if intended for benign personalization. The skill does, however, explicitly instruct the agent to detect and warn against malicious prompt injection and data exfiltration attempts, which is a strong defensive measure.