Add SafeSkill security badge (91/100 — Verified Safe)

[OyaAIProd]

✅ SafeSkill Security Scan Results

Metric	Value
Overall Score	91/100 (Verified Safe)
Code Score	97/100
Content Score	80/100
Findings	301 findings detected (9 critical)
Taint Flows	1
Files Scanned	24
Scan Duration	3.0s

Note: This package is a CLI tool — child_process, filesystem, and environment access are expected capabilities and are excluded from scoring and top findings.

Top Findings

• 🔴 critical: Makes HTTP request via fetch() (co-occurs with filesystem access — potential data exfiltration) (launch/auto/devto.js:82)
• 🔴 critical: Makes HTTP request via fetch() (co-occurs with filesystem access — potential data exfiltration) (launch/auto/farcaster.js:74)
• 🟠 high: Network call: http.createServer() (cli/gateway.js:93)
• 🟠 high: Opens WebSocket connection (cli/mcp-server.js:132)
• 🟠 high: Makes HTTP request via fetch() (launch/auto/reddit.js:33)

View full report on SafeSkill

---

About SafeSkill

SafeSkill is a free, open-source security scanner for AI tools, MCP servers, and Claude Code skills. We scan for code exploits, prompt injection, and data exfiltration risks.

False positive? We take accuracy seriously. If any finding above is incorrect, please open an issue and we will fix it immediately.

• GitHub | Website | Docs
• Built by Oya.ai -- AI Employees Builder