Ad Copywriter
v2.0.0广告文案生成器。信息流广告、朋友圈广告、搜索广告、直通车标题、巨量引擎创意、Google Ads文案、A/B测试文案、ROI计算器、平台适配文案。Ad copywriter for feeds, search ads, social ads, A/B testing, ROI calculator, platfo...
⭐ 0· 449·2 current·2 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (ad copy generation, platform adaptation, ROI/A-B testing) match the included scripts and README: ad.sh produces ad text templates locally and script.sh provides small content utilities/logging. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md instructs running the provided local scripts (bash + embedded Python) and the scripts' behavior matches: template generation, tips, and a simple ROI calculator. The instructions do not direct the agent to read unrelated system files, call external endpoints, or exfiltrate data.
Install Mechanism
No install spec or remote downloads are present — the skill is instruction-plus-local-scripts only. No archives/URLs or package installs are used.
Credentials
The skill does not require credentials or sensitive env vars. It does read optional environment vars for data path selection (AD_COPYWRITER_DIR, XDG_DATA_HOME, HOME) to determine where to store logs; this is reasonable for a local tool but worth noting.
Persistence & Privilege
script.sh creates a data directory under ${AD_COPYWRITER_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/ad-copywriter} and appends user inputs to history.log (and defines a DB path). This is modest local persistence (no system-wide changes, not always:true), but the skill will store copies of commands/inputs on disk.
Assessment
This skill appears to do what it says: local ad-copy generation and tips. Before installing/using it, consider: (1) the scripts write a history/log under ~/.local/share/ad-copywriter by default — if you will provide sensitive product or customer data, set AD_COPYWRITER_DIR to a safe location or inspect/remove the log files; (2) review the full ad.sh/script.sh contents yourself (they are short and readable) if you have concerns; (3) there are no network calls or credential requests in the provided files, but if you see any updated versions that add curl/git/remote downloads, treat that as a red flag. Finally, note a minor metadata inconsistency: registry metadata shows no homepage/source while SKILL.md references bytesagain.com and a GitHub repo — you may want to verify the origin if provenance matters.Like a lobster shell, security has layers — review code before you run it.
latestvk97fv38x7z2x519s6r0076jgkx832sg5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.