Csdn Publisher

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for drafting and publishing CSDN posts, but it uses browser automation, stored login cookies, Telegram QR delivery, optional Notion access, and manual dependency installs that users should control carefully.

Install only if you want the agent to operate a browser and publish to your CSDN account. Confirm every final draft before publishing, protect the OpenClaw credentials directory, verify Telegram targets and Notion token scope, and review dependency installation commands before running them.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked and approved, the agent can publish content publicly under the user's CSDN account.

Why it was flagged

The skill is designed to operate the browser and publish public CSDN articles after a user-confirmed draft. This is purpose-aligned, but it can mutate a third-party account and create public content.

Skill content

Produce a first draft, continue after the user confirms ... add tags, click publish

Recommendation

Review the final article, title, tags, and article type before allowing the publish click, and ask the agent to stop before publishing if you only want a draft.

What this means

Anyone or anything with access to that credentials file may be able to reuse the CSDN session.

Why it was flagged

The login helper saves browser storage/cookies for the CSDN account so later browser automation can stay logged in. This is expected for the skill, but the stored session is sensitive.

Skill content

DEFAULT_COOKIE_FILE = Path.home() / ".openclaw/workspace/credentials/csdn-cookie.json" ... json.dump(storage_state, f, ensure_ascii=False, indent=2)

Recommendation

Keep the OpenClaw credentials directory private, remove the cookie file when no longer needed, and revoke/logout the CSDN session if the machine is shared or compromised.

What this means

If configured, the skill can read recent titles, URLs, and dates from the selected Notion database.

Why it was flagged

The optional news de-duplication workflow queries a Notion database with a Notion bearer token. This is disclosed in SKILL.md for news de-duplication, but the registry metadata does not declare these optional credentials.

Skill content

NOTION_KEY="${NOTION_KEY:-ntn_YOUR_KEY_HERE}" ... -H "Authorization: Bearer $NOTION_KEY"

Recommendation

Use a least-privilege Notion integration limited to the intended database, and do not provide a broad workspace token.

What this means

The local environment will depend on current upstream package contents at install time.

Why it was flagged

The documented setup installs remote packages/tools without pinned versions. These installs are central to browser automation and are user-directed, not hidden automatic execution.

Skill content

curl -sL "https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm" ... pip install playwright ... npm install ws

Recommendation

Install from trusted sources, consider pinning versions, and review package installation commands before running them.

What this means

When run, the script can modify the open CSDN editor page through the local browser debugging interface.

Why it was flagged

The injector uses Chrome DevTools Protocol Runtime.evaluate to run JavaScript inside the CSDN editor tab. This is the documented mechanism for inserting article content, but it is a powerful browser-control path.

Skill content

return cdp('Runtime.evaluate', { expression, returnByValue: true }); ... editor.textContent = window.__csdnContent;

Recommendation

Run the injector only after opening the intended CSDN editor tab, and use markdown files you trust.

What this means

Sending the QR code to the wrong chat/user could let someone else complete or interfere with the login flow.

Why it was flagged

The skill can send the CSDN login QR image through Telegram or a messaging tool. This is disclosed and supports headless login, but the QR is authentication-related and must go only to the intended user.

Skill content

message(action="send", filePath="~/.openclaw/workspace/credentials/csdn-qr.png", target="用户ID", caption="请用 CSDN App 扫码登录")

Recommendation

Verify the Telegram target/chat ID before sending login QR images, and delete stale QR screenshots after login.

What this means

Saved examples may influence future articles and could expose prior writing style or content if the skill directory is shared.

Why it was flagged

The workflow can persist user-approved final articles as examples and later read those examples to shape new writing. This is optional and disclosed, but it creates reusable local context.

Skill content

[Optional] After the user confirms the final draft, save it to the examples/ directory ... read the example articles in the examples/ directory

Recommendation

Save only non-sensitive final articles as examples, and periodically remove examples you do not want reused.