Text Spoken Script
PassAudited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill Name: text-spoken-script Version: 1.1.1 The skill bundle exhibits a significant functional mismatch: while the primary description and 7-step logic in SKILL.md focus on 'Short Video Spoken Script Generation', the 'Critical Execution Instructions' and 'systemPrompt' (metadata) specifically command the agent to perform image rendering using the 'dlazy seedream-4.5' CLI. It mandates the global installation of an npm package (@dlazy/cli@1.0.9) and provides explicit instructions for the agent to execute terminal commands and manage API keys in ~/.dlazy/config.json. While these behaviors are consistent with a SaaS integration, the functional inconsistency and the use of forceful prompt-injection techniques to direct agent terminal activity are suspicious.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may stop acting like a simple script writer and instead steer the user into an image-generation workflow.
The artifact first instructs the agent to output a text script, then later redirects the workflow into questioning, image prompt confirmation, and terminal-based generation. This creates a concrete purpose and instruction mismatch.
Final Output Requirements ... please directly output the script content ... / 执行与生成指南 ... 不要做任何设计和生成,先向用户提问 ... 你必须使用终端执行命令
Install only if you intentionally want the dLazy generation workflow, not just text script guidance. The maintainer should separate the text-script skill from image-generation execution instructions.
The agent could run cloud-generation commands and spend/use account resources when the user expected only written script output.
The skill requires terminal execution of an external CLI model command. It requires user confirmation and limits batching, but this command authority is not aligned with the advertised text-spoken-script purpose.
第三步:单次执行终端命令。用户确认后,你必须使用终端执行命令(如 `dlazy seedream-4.5 --prompt "..."`)
Do not allow autonomous terminal execution unless you explicitly want dLazy CLI use. Review each command before approving it.
Installing and using the skill may grant the CLI ongoing access to the user's dLazy account until the key is revoked or removed.
The skill requires a provider API key and persists it locally. This may be normal for dLazy CLI usage, but it is over-scoped for the stated text-script-generation purpose.
所有请求都需要 dLazy API key ... 登录成功后 自动把 API key 写入本地 CLI 配置 ... `~/.dlazy/config.json`
Use a limited/revocable key if available, remove `~/.dlazy/config.json` when done, and revoke the key from the dLazy dashboard if no longer needed.
Users may install and run third-party code globally even though the core skill could function as a prompt/template.
The skill points users to install or run an external npm package. The version is pinned and provenance links are provided, but this is still an external executable dependency for a skill presented as instruction-only text generation.
"install":"npm install -g @dlazy/cli@1.0.9", "installAlternative":"npx @dlazy/cli@1.0.9"
Review the linked repository and npm package before installing. Prefer `npx @dlazy/cli@1.0.9` for one-time use if CLI generation is truly needed.
Prompts, parameters, and any selected media files may be processed and hosted by dLazy services.
The skill discloses external provider calls and media uploads. This is transparent, but users should notice that prompts and selected media may leave the local machine.
你提供的提示词与参数会发送到 dLazy API(`api.dlazy.com`)... 本地文件路径会被 CLI 上传到 dLazy 媒体存储(`files.dlazy.com`)
Do not submit confidential prompts or private media unless you are comfortable with dLazy processing and hosting them.