ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Podcast Production Ops

v1.0.0

从选题到上线整理播客生产流程,生成 show notes、标题、剪辑要点与发布清单。;use for podcast, production, content workflows;do not use for 虚构嘉宾观点, 公开未授权片段.

0· 87·0 current·0 all-time
byvx:17605205782@52yuanchangxing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is named and described as a podcast production/ops helper and the bundle contains templates, spec, examples and a Python script that produces structured show notes, titles, edit points and a publishing checklist — this is coherent. Note: the script also includes additional audit modes (directory/csv/pattern/skill audits) which extend capability beyond simple content generation; these capabilities are plausible for a 'production ops' tool but are broader than a minimal 'show notes generator'.
Instruction Scope
SKILL.md instructs the agent to recompose user-provided podcast inputs and (optionally) run the included local script. The script reads local files, directories, and CSVs and produces Markdown reports. No instructions ask the agent to access unrelated system credentials, call external endpoints, or exfiltrate data. Caveat: if the agent is told to run the script against an arbitrary directory, the script will read any accessible files in that path — behaviour consistent with its directory-audit features but potentially sensitive depending on the provided path.
Install Mechanism
No install spec; this is instruction-only with one local Python script. Required binary is only python3 and there are no downloads or remote installers. Low installation risk.
Credentials
The skill does not request environment variables, credentials, or config paths. The lack of secrets is proportionate to the stated purpose.
Persistence & Privilege
always is false; the skill does not request permanent presence or special privileges and does not modify other skills. It can read and write files when run (via --output), which is expected for a local report/template generator.
Assessment
This skill appears coherent and local-only: it generates structured podcast deliverables and includes a Python script that can also audit directories or CSVs. Before running: (1) only run the script (python3 scripts/run.py) on directories/files you trust — don't point it at system root or sensitive directories; (2) avoid passing files that contain PII or secrets, or sanitize them first; (3) review the script (scripts/run.py) — it only reads files and produces reports and does not make network calls, but it will read any file the process can access; (4) if you allow an agent to invoke this skill autonomously, ensure its scope is limited (dry-run / review first) so it won't be instructed to run the script against broad/unexpected paths. Overall the package is consistent with its description.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e5qxeyzv8xjpmdtdkrntpbs836gt9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎙️ Clawdis
OSmacOS · Linux · Windows
Binspython3

Comments