Skillv2.1.1

ClawScan security

Instagram · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 11, 2026, 12:20 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This skill is internally consistent with its 'local-first' claim: it generates/optimizes Instagram content and only optionally writes drafts to a local JSON file under ~/.openclaw/workspace/memory/instagram/, with no network calls or credential requests.
Guidance: This skill appears to do what it says: optimize content and optionally save drafts locally. Things to consider before installing: (1) The script will create and write a JSON file at ~/.openclaw/workspace/memory/instagram/captions.json — review or back up that location if you care about file contents or permissions. (2) Inspect scripts/write_caption.py yourself (it's short and readable) before allowing saves if you have security concerns. (3) The skill does not request credentials or make network calls, but the agent can invoke it autonomously; if you prefer to avoid any automatic file writes, either disable autonomous invocation for the skill in your agent settings or refuse persistence requests during use. (4) As a best practice, review any saved drafts for sensitive personal data before storing them locally.

Purpose & Capability: okThe skill name/description (Instagram content optimization, local-first) align with the included files and behavior. The only code provided is a small script to persist drafts locally; that is a reasonable and proportional capability for a draft-storage/content-optimization skill.
Instruction Scope: okSKILL.md instructs the agent to perform content optimization and, only if the user requests persistence, to call scripts/write_caption.py to save drafts to the declared local workspace path. There are no instructions to read unrelated system files, access credentials, or transmit data externally.
Install Mechanism: okThere is no install spec (instruction-only skill) and the included Python script is small and self-contained. Nothing is downloaded or written to locations outside the user's OpenClaw workspace path.
Credentials: okThe skill declares no required environment variables, no credentials, and no configuration paths beyond the workspace directory it writes to. The requested access (local file write) is proportionate to the stated draft-persistence feature.
Persistence & Privilege: notealways:false (normal). The skill can be invoked by the model (disable-model-invocation:false, which is the default). When invoked and asked to persist, it writes to ~/.openclaw/workspace/memory/instagram/captions.json. This is expected, but if you want to avoid any automatic writes, limit autonomous agent actions or decline persistence requests.