SEO Article Generator
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill can use a DeepSeek API key to generate site pages, but it hard-codes affiliate and sitemap URLs to a specific external domain instead of a user-configured website.
Before installing, confirm that the hard-coded domain is actually yours, update or remove the affiliate links and sitemap base URL, and avoid automatic hourly generation unless you are comfortable with API costs and unreviewed public-facing SEO content.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Generated pages may promote and point search engines at a domain the user did not choose.
The code hard-codes a specific external domain for the affiliate ad and sitemap URLs, while the skill is presented as generating content for the user's website and services.
href="https://www.xn--ehqw44a690c.com/ai-photo" ... const url = `https://www.xn--ehqw44a690c.com/article/${filename}`;Make the site URL and affiliate links explicit, configurable, and disabled until the user approves them; review generated pages and sitemap entries before publication.
The skill could consume API quota and create website-facing SEO pages or sitemap entries without the user reviewing each article first.
The instructions describe recurring content generation and sitemap mutation, but do not describe user approval, limits, review workflow, or rollback controls.
The skill automatically generates one SEO article per hour ... Auto-registration in sitemap.xml
Require explicit user invocation or approval for each generated article and sitemap update, and provide clear configuration for output paths, frequency, and rollback.
Installing or running the skill may use the user's stored DeepSeek/OpenAI-compatible API credential and consume paid API quota.
The code reads a DeepSeek API key from the environment or local OpenClaw config. This is expected for the stated DeepSeek generation purpose, but it is not declared in the requirements.
process.env.DEEPSEEK_API_KEY ... fs.readFileSync('/home/admin/.openclaw/openclaw.json', 'utf8') ... providers?.deepseek?.apiKeyDeclare the credential and config path requirements clearly, and let the user choose which provider key may be used.
Users have less ability to verify the author's intent, update history, or maintenance practices.
The artifact provides no verifiable source repository or homepage, which limits provenance review even though the included code is visible.
Source: unknown; Homepage: none
Prefer skills with a verifiable source repository/homepage, or manually review the included files before installing.