Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
FB Ads Copywriter Pro
v2.1.0Facebook 廣告文案專家 - 生成 6 個高轉化率廣告版本,包含 A/B 測試建議和受眾分析
⭐ 0· 97·0 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's files and scripts align with the stated purpose (ad copy generation, A/B test suggestions, audience analysis, delivery via email/Telegram). However there are inconsistencies: the registry summary at the top lists no required environment variables while _meta.json and SKILL.md/README require GLM_API_KEY (required), and optionally RESEND_API_KEY and TELEGRAM tokens. The package references image generation (Stability AI) and a 7-day report in docs, but corresponding image-generation scripts are referenced in docs/publish checklists but not present in the file manifest — this suggests incomplete or mismatched packaging.
Instruction Scope
Runtime instructions and the main script instruct the agent to read local questionnaire files (memory/...), call external APIs (GLM-4-Flash at open.bigmodel.cn), and optionally send email (Resend) and Telegram notifications. Those actions are coherent with the stated feature set, but the SKILL.md includes unicode-control-chars (prompt-injection signal) and the script contains a hardcoded GLM API key literal. Instructions to 'export GLM_API_KEY' are reasonable, but the presence of an embedded default key in code that will be used if env var is missing is a significant scope/behavior concern (possible credential leakage or misuse).
Install Mechanism
No install spec (instruction-only + a small Python script and requirements.txt). Requirements are minimal (requests, python-dotenv). There is no download-from-arbitrary-URL or archive extraction in the manifest — low install surface area.
Credentials
Environment/credential requirements are inconsistent across the package: the top summary reported 'Required env vars: none', while _meta.json, SKILL.md, and README require GLM_API_KEY (marked required) and optionally RESEND_API_KEY, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID. More critically, scripts/copy-generator.py contains a hardcoded GLM_API_KEY default string (looks like an API secret) which bypasses normal env-var protection and is inappropriate for any legitimate package — this is disproportionate and risky. Optional delivery credentials (Resend/Telegram) are reasonable for email/notification features if properly documented, but the hardcoded secret makes the package suspect.
Persistence & Privilege
Skill does not request 'always: true' or other elevated platform privileges. It does read/write local files in a 'memory/' workspace and can send outgoing requests to external services (expected for a generator+delivery tool). No evidence it modifies other skills or global agent settings.
Scan Findings in Context
[unicode-control-chars] unexpected: The pre-scan detected unicode control characters inside SKILL.md — a common pattern used for prompt-injection or to obfuscate content. This is not needed for an ad-copy skill and should be reviewed/removed.
[embedded-api-key] unexpected: scripts/copy-generator.py contains a hardcoded GLM API key literal assigned as the default GLM_API_KEY value. Embedding an API key in source is inappropriate and dangerous (credential leakage, unauthorized usage). This was not listed in the pre-scan results but is a clear, high-risk artifact found in the code.
What to consider before installing
Do NOT install or run this skill in a production environment until you resolve the following: (1) Remove the hardcoded GLM API key from scripts and rotate that key immediately if it is real — treat it as compromised. The code should rely on environment variables only and fail safely if missing. (2) Confirm _meta.json, SKILL.md, and the registry metadata agree about required environment variables (GLM_API_KEY should be declared consistently). (3) Inspect and remove any unicode control characters from SKILL.md (they may be an attempt at prompt injection). (4) Verify any optional delivery integrations (Resend, Telegram, Stability AI) actually have the referenced scripts present and that you provide your own credentials; test in an isolated sandbox. (5) If you plan to use email/Telegram delivery, use ephemeral/test API keys first and review outgoing network endpoints. If you cannot validate the embedded key or the discrepancies, classify the package as untrusted and avoid installing it.Like a lobster shell, security has layers — review code before you run it.
ab-testingvk9745j6y1mqj1n6te1h32j3enx83bhw3advertisingvk9745j6y1mqj1n6te1h32j3enx83bhw3aivk9745j6y1mqj1n6te1h32j3enx83bhw3copywritingvk9745j6y1mqj1n6te1h32j3enx83bhw3latestvk975yht9ebhqbz6xv9s16kv7zh83r5w2latestfacebook-adsvk9745j6y1mqj1n6te1h32j3enx83bhw3marketingvk9745j6y1mqj1n6te1h32j3enx83bhw3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.