Skill v1.0.13
ClawScan security
Bear Blog Publisher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 17, 2026, 7:52 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requests (credentials, optional AI keys, and Playwright for diagrams) are coherent with its stated purpose of publishing to Bear Blog; no obvious misdirection or unexplained access is present.
- Guidance: This skill appears to do what it says: publish posts to Bear Blog, optionally generate AI content, and generate diagrams via Playwright. Before installing, consider:
  1. Prefer environment variables or runtime parameters over putting credentials into ~/.openclaw/openclaw.json (that file would store plaintext credentials if you choose Method 1).
  2. Diagram generation will download Playwright browsers (~100MB) and create /tmp/diagram.html and /tmp/diagram.png; avoid enabling diagrams on multi-tenant/shared CI runners if you worry about leftover temp files.
  3. Verify you trust the skill source (package.json points to a GitHub repo; confirm it matches what you expect).
  4. If you plan to enable AI generation, only set OPENAI_API_KEY/KIMI_API_KEY in secure environments.
  5. If you need higher assurance, review the rest of publish.py (file truncated in listing) and the referenced upload endpoints to ensure they match Bear Blog's documented APIs.
  Overall: coherent and proportionate, but follow the credential and environment cautions above.
Review Dimensions
- Purpose & Capability: ok. The skill claims to publish to Bear Blog, and its code implements Bear Blog login, post upload, optional image upload, and optional AI content generation (OpenAI/Kimi). Requiring a Bear Blog email/password and optional OpenAI/KIMI API keys aligns with the stated functionality.
- Instruction Scope: note. SKILL.md and the code stay within the publishing/diagram-generation scope. The instructions read credentials from runtime args, env vars, or ~/.openclaw/openclaw.json (expected). The skill writes temporary files to /tmp for diagram generation and does not explicitly delete them (files are overwritten), which is documented but worth noting. The README's claim of 'no persistent credential storage' conflicts with the documented config-file authentication option (which does store plaintext credentials if chosen).
- Install Mechanism: ok. There is no external arbitrary-download installer in the registry metadata; package.json includes Python dependency installation and a Playwright browser install step ('playwright install chromium'), which is expected for HTML-to-image generation. Playwright's browser download (~100MB) is noted in SKILL.md and README.
- Credentials: ok. Requested secrets are limited and proportional: Bear Blog email/password for login, and optional OPENAI_API_KEY or KIMI_API_KEY for AI generation. No unrelated credentials or broad system secrets are requested.
- Persistence & Privilege: ok. The skill does not request permanent/always-on privileges (always: false). It does not attempt to modify other skills or system-wide config beyond reading a per-user OpenClaw config file (~/.openclaw/openclaw.json) if present.
