Lay Press Release Writer

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill is mostly local and purpose-aligned, but it appears to invent attributed researcher quotes and media contact details for public press releases.

Use this skill only as a drafting aid. Verify the paper summary, replace any generated quotes and media contacts with approved real information, and review the output carefully before publishing.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A user could publish a press release containing quotes or contact information that appear real but were actually invented, creating reputational, ethical, or factual risk.

Why it was flagged

The script constructs attributed researcher quotes and a media-contact email from names/institution text instead of extracting or requiring verified source material.

Skill content

quotes.append(f"\"This research provides a new perspective on our understanding of the field,\"{first_author}English,\"We expect this discovery to bring practical value to related applications。\"") ... "email": f"media@{institution.lower().replace('University', '').replace('college', '')}.edu.cn"

Recommendation

Treat all generated quotes and contact details as placeholders; require user-supplied, verified, and approved quotes/contact information before publication.

What this means

The agent may execute the packaged Python script on the local machine to generate the press release.

Why it was flagged

The skill is intended to run a local Python script. This is disclosed and purpose-aligned, but it is still local code execution.

Skill content

python scripts/main.py --paper-text "Paper content..." --institution "XX University"

Recommendation

Run it only in a normal workspace with reviewed inputs and inspect the generated output before using it externally.