ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ad Creative Analysis

v1.0.0

Analyze ad creatives (images and videos) extracted from competitor research. Use when given a directory of ad images, video files, or transcripts to evaluate...

1· 473·1 current·1 all-time
by@baitoxkevin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: the SKILL.md describes reading a directory of image/video files and producing per-creative JSON analyses using vision capabilities and a provided rubric. There are no unrelated environment variables, binaries, or config paths requested.
Instruction Scope
Instructions are scoped to listing and analyzing files in a provided directory and (optionally) reading plain-text transcripts; this is appropriate for the stated purpose. Note: analysis depends on the agent's vision capability and on reading user-supplied files — ensure the agent is granted access only to intended directories and that you have legal rights to analyze the creatives/transcripts.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk or downloaded by the skill itself, minimizing install-time risk.
Credentials
The skill declares no required environment variables, credentials, or config paths. The data access it requests (local creative files and optional transcripts/metadata.json) is proportional to the analysis task.
Persistence & Privilege
always is false and the skill does not request persistent system changes or modification of other skills. Autonomous invocation is allowed (platform default) but not combined with other risky permissions.
Assessment
This skill appears internally consistent and low-risk, but take these precautions before installing or running it: (1) Only point the agent at directories you control and verify you have the right to analyze the creatives (copyright/terms may apply). (2) The skill assumes use of vision analysis — if your agent implements vision by uploading files to an external API, that will transmit the creatives off-device; confirm how image/video data is handled by your agent’s vision subsystem. (3) Avoid supplying directories that contain unrelated sensitive files or PII. (4) Because the agent can be invoked autonomously by default, consider limiting autonomous runs or reviewing outputs manually if you have concerns about repeated processing or sharing of competitive assets.

Like a lobster shell, security has layers — review code before you run it.

latestvk974e0j7hf367pxmvnznze8nfx81wcdk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments