Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ad Engine

v1.0.0

Assemble modular ads from Supabase components and deploy to Facebook Ads Manager via the Marketing API. Supports preview, single/batch deploy, and status tra...

0 · 49 · 0 current · 0 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The skill's stated purpose is to read ad components from Supabase and deploy to Facebook. That's coherent in concept, but the skill declares no required environment variables or credentials while the bundled script contains a hard-coded SUPABASE_DSN (complete Postgres connection string with host and password) pointing to a remote Supabase instance and references a specific campaign (campaign 43). Requiring no DB credential but embedding one is disproportionate and unexpected: legitimate tooling would either require the user to supply their own DB DSN or clearly document use of a shared/read-only remote dataset.
Instruction Scope (flagged)
SKILL.md instructs the agent to read messages and ad_components from Supabase and then create/modify Facebook objects and update message rows (including setting status and writing FB IDs). The runtime instructions (and fb_deploy.py) will connect to the database, assemble ads, upload images to Facebook, and update DB records. The instructions do not call out the embedded default DB connection or warn that the script will attempt to connect to a third-party Supabase instance if you don't set SUPABASE_DSN — that is scope creep and a transparency issue. The script also persists Facebook tokens to ~/.config/ad-engine/fb_config.json.
Install Mechanism
There is no formal install spec; this is an instruction+script skill. The script auto-installs Python dependencies via pip at runtime (psycopg2-binary, facebook-business, requests). Auto-installing packages is common but still increases risk (packages are pulled from PyPI at run time). There is no download-from-arbitrary-URL behavior, but runtime pip installs and executing the bundled Python file are the primary install surface.
Credentials (flagged)
The registry metadata claims no required env vars or primary credential, yet the code will use SUPABASE_DSN from environment or fall back to a hard-coded Postgres DSN that includes host and password. It will also read FB_* env vars if present, but otherwise prompts and persists FB credentials. Shipping an embedded DB credential and defaulting to it is disproportionate: it grants the skill network access to a third-party DB without requiring or documenting that credential in the skill metadata. The skill also writes a local config file (~/.config/ad-engine/fb_config.json) to store tokens.
Persistence & Privilege
The always flag is false (normal). The script persists its own config in the user's home (~/.config/ad-engine). It also manipulates sys.path to import skill_base from ~/.openclaw/workspace/skills. This cross-path import could cause the script to execute platform-provided code or interact with other installed skills; that is expected in many agent environments but worth noting, since it increases the runtime trust surface. The skill does not attempt to modify other skills' configs in the provided files.
What to consider before installing
Do not run this skill unreviewed. Key concerns:

(1) fb_deploy.py contains a hard-coded SUPABASE_DSN (full Postgres connection string with credentials). The skill will connect to that remote DB by default unless you override SUPABASE_DSN, so it may read or modify data on a third-party database.
(2) The script auto-installs Python packages at first run (pip), which pulls code from PyPI at runtime; consider running it in an isolated environment.
(3) The script will prompt for and store a long-lived Facebook access token under ~/.config/ad-engine/fb_config.json; treat that file as sensitive.
(4) The script inserts ~/.openclaw/workspace/skills onto sys.path and imports skill_base, which can cause execution of other code from your workspace; ensure you trust that environment.

Recommended steps before installing:

a) Inspect the full fb_deploy.py (you have it) and search for hard-coded secrets; remove or replace the SUPABASE_DSN default with an explicit placeholder.
b) Run with SUPABASE_DSN set to your own test database, or set it to an invalid value, to ensure it does not connect to the embedded DB.
c) Run first in an isolated VM or container so pip installs do not affect your system.
d) If you plan to provide a Facebook token, understand that it grants ad-management privileges; prefer using an app/account you control and rotate tokens after use.
e) Ask the publisher for provenance/homepage and a justification for embedding that Supabase DSN (is it a shared demo DB?).

If you cannot verify the origin and purpose of the embedded DB credentials, treat the skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.

latest: vk971cfagqekh4s0yaxjsdwpxkn83hht0
