ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Brand Voice Generator

v1.0.0

Creates consistent brand voice guidelines and content. Generates copy that matches your brand personality across all channels. Perfect for startups building...

0· 52·1 current·1 all-time
by@1477009639zw-blip·duplicate of @1477009639zw-blip/betabrandvoic
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description (brand voice generator) align with the included Python script and required binary (python3). However, the README promises many structured outputs (detailed tone variations, multiple content examples, do's/don'ts) while the script only prints a small, fixed template — the capability is overstated.
!
Instruction Scope
SKILL.md usage examples call 'python3 voice.py --tone professional' but the script expects '--personality'. This CLI mismatch will cause runtime errors if followed. The instructions also describe richer functionality than the code implements, which is scope/expectation creep and could confuse automated agents.
Install Mechanism
No install spec and only requires python3 on PATH. No downloads, no archive extraction, and nothing is written to disk beyond running the small script — low install risk.
Credentials
No environment variables, credentials, or config paths are requested. The script does not access network, files, or secrets — requested privileges are proportional to the stated purpose.
Persistence & Privilege
always:false and no special persistence or system-wide changes. The skill does not modify other skills or agent config; autonomous invocation is allowed by default but not combined with other concerning permissions.
What to consider before installing
This skill looks safe to inspect and run locally — it only uses python and contains a short script with no network or secret access. However: (1) SKILL.md examples use --tone but the script expects --personality; update the docs or call the script with --personality to avoid errors. (2) The README promises much more structured output than the script actually produces — if you need the richer outputs, review and modify the script before relying on it. (3) Source is unknown; if you plan to use this in production or give it access to sensitive workflows, audit/extend the code and confirm provenance. Run it in a sandbox first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97823tafjqfr05z54289fppd983vrx3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎨 Clawdis
Binspython3

Comments