Ads Analyzer
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: meta-ads-analyser
Version: 1.0.0
The skill is classified as suspicious due to significant vulnerabilities, primarily shell injection and Cross-Site Scripting (XSS) risks. The `SKILL.md` explicitly instructs the agent to execute shell commands (`sips`, `ffprobe`, `zip`) using filenames derived from input. If these filenames are not properly sanitized, they could lead to shell injection. Additionally, the `templates/report-template.html` uses placeholders for user-controlled content (e.g., ad copy, landing page text) without explicit mention of HTML escaping, posing an XSS risk in the generated report for the recipient. While the stated purpose is benign, these vulnerabilities could be exploited by malicious input data.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may inspect local media files and package all files in the selected Meta ads folder.
The skill instructs local command use and bulk archiving of the asset folder. This is expected for media analysis and delivery, but users should keep the target folder limited to intended assets.
Get dimensions with: ... sips -g pixelWidth -g pixelHeight image.jpg ... ffprobe ... video.mp4 ... Zip the entire folder
Use a dedicated asset folder and review its contents before allowing the folder to be zipped or shared.
A report zip could be sent through a messaging account or to an unintended chat if the destination is not checked.
Sending through Telegram may require access to a Telegram account, bot, or chat destination, although no credential is declared in metadata. The behavior is disclosed and delivery-oriented, but the account and recipient should be controlled by the user.
Send via Telegram with caption explaining contents
Confirm the Telegram account, chat recipient, and attachment contents before sending; prefer a least-privileged bot or explicit user approval.
Ad creatives, landing page screenshots, and generated analysis may be processed outside the local environment.
The skill discloses that images and videos may be analyzed by external model providers. This is central to the skill's purpose, but it crosses a data boundary.
Use vision model for images, Gemini for video analysis.
Avoid using the skill on confidential assets unless the relevant AI provider and Telegram handling are acceptable.
