Toutiao Publish
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is meant to publish to Toutiao, but it posts automatically through a logged-in account, and its script handles article content in a way that can execute unintended JavaScript in the browser.
Use this only if you intentionally want OpenClaw to control a browser and publish to your Toutiao account. Review the title, body, images, and logged-in account before final posting, prefer a dedicated browser profile/test account, and avoid running the provided publish script on untrusted article content until the JavaScript interpolation is fixed.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
65/65 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the wrong content or account, it could publicly publish material before the user reviews the final result.
The script drives the browser to both start publishing and click the final confirmation on the logged-in Toutiao site.
const publishBtn = buttons.find(b => b.textContent.includes("预览并发布")); ... publishBtn.click(); ... const confirmBtn = buttons.find(b => b.textContent.includes("确认发布") || b.textContent.includes("立即发布")); ... confirmBtn.click();
Add an explicit final user confirmation or dry-run mode before clicking the final publish button, and show the target account, title, body, and images first.
Untrusted or malformed article text could execute unintended actions in the authenticated Toutiao page context or corrupt the posting workflow.
The article body is interpolated directly into a JavaScript template literal inside a browser evaluate call, so content containing template-literal delimiters or other special characters could break out of the intended string and run arbitrary page JavaScript in the authenticated session.
browser act request="{ ... \"kind\": \"evaluate\" ... editor.innerHTML = \\`$CONTENT\\`; ... }"
Do not interpolate raw content into JavaScript source; pass it as serialized data such as JSON/base64, decode it inside the evaluated function, and sanitize or escape HTML intentionally.
Posts and account changes will be made as the currently logged-in user.
The skill depends on an already logged-in Toutiao account, so its browser actions run with that account's publishing authority.
- Toutiao account (already logged in) - a Toutiao creator account (头条号) must be logged in beforehand
Use a dedicated browser profile or test account, verify which account is logged in, and avoid leaving high-privilege sessions open when testing.
Users may not realize the skill requires local browser automation tooling and shell script execution until after installation.
The registry metadata under-declares the local execution expectations even though included docs and scripts rely on shell/browser automation.
No install spec — this is an instruction-only skill. ... Required binaries (all must exist): none
Declare the browser/shell prerequisites and capabilities in metadata so users can make an informed installation decision.
