auto-novel-writer
v1.0.0长篇爽文小说写作助手,支持多小说管理、章节记忆管理、大纲追踪、AI味去除。专为男频爽文(扮猪吃虎、金手指系统、无敌流)设计,解决长上下文限制问题。
⭐ 0· 67·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (long-form novel writer, chapter management, AI-flavor removal) align with the included scripts and SKILL.md: scripts provide project setup, chapter generation prompts, AI-flavor removal, style and consistency checks and the instructions describe reading/writing the novels/ directory. No unrelated credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to create and manage files under a novels/ workspace and to read the most recent chapter summaries and metadata — behavior consistent with purpose. However, the code accepts user-supplied novel names/paths without strict normalization (Path joins are used but not resolved/sandboxed), which can allow accidental or intentional path traversal to read/write files outside the intended novels/ tree if untrusted input is provided. Also note the strong enforcement of 2000+ chars per chapter in the workflow — this is expected for the use case but can lead to large automatic writes.
Install Mechanism
No install spec is present (instruction-only skill with bundled scripts). That is the lowest-risk model; nothing is downloaded or executed from remote URLs by the skill itself.
Credentials
The skill requires no environment variables, credentials, or config paths. All file I/O is targeted at a local novels/ folder, which is proportionate to the stated purpose.
Persistence & Privilege
always is false and the skill does not request permanent platform-level privileges. It will create and modify files within its working directory (novels/), which is expected for a writing assistant; it does not attempt to alter other skills or global agent settings.
Assessment
This skill appears internally consistent for local novel management and writing assistance and does not request credentials or network access. Before installing or running it, review and consider: 1) Run it in an isolated workspace (sandbox) because it will create and modify many files and can produce large chapter files (enforced 2000+ characters per chapter). 2) Validate or sanitize any novel-name inputs you provide — the scripts join user-supplied names into paths without strict normalization, which could allow escaping the intended novels/ directory if given malicious or malformed names. 3) Back up important data before using automated fixes/updates (the tool can overwrite content). 4) If you plan to run these scripts in an automated agent, be aware they perform arbitrary local file I/O (no network calls were found). If you need broader assurances, request the author to add explicit input sanitization (reject path separators), limit operations to the novels/ subtree (resolve and verify paths), and add a dry-run mode before making destructive changes.Like a lobster shell, security has layers — review code before you run it.
latestvk97etwtzhc0dsn0ry4xswzvafn83vdxm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.