Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
GEO Content Writer
v0.7.3
Use when the user wants to turn [Dageno](https://dageno.ai/?utm_source=github&utm_medium=social&utm_campaign=official) GEO opportunities into a real-fanout b...
by Tim@geo-seo
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name and description (Dageno -> fanout backlog -> article -> optional WordPress publish) align with the files present (client, citation crawling, wordpress integration, CLI, workflows). Requiring python3 is expected. However, the registry-level 'Requirements' block only lists DAGENO_API_KEY while SKILL.md's internal metadata and many code files indicate additional optional integrations (FIRECRAWL_API_KEY, WORDPRESS_SITE_URL, WORDPRESS_USERNAME, WORDPRESS_APP_PASSWORD). That mismatch is an inconsistency to verify.
Instruction Scope
SKILL.md instructs the agent to call the geo_content_writer CLI (PYTHONPATH=src python -m geo_content_writer.cli ...) to build fanout, crawl citation pages, analyze patterns, generate briefs, and optionally publish to WordPress. Crawling top citation pages and 'optional web research' implies outbound HTTP/HTTPS calls to arbitrary sites (expected for citation analysis) — this is coherent with the skill's purpose but expands the runtime network footprint and can touch many external sites and HTML content.
Install Mechanism
There is no install spec; the package is instruction/code-only and expects python3 and a PYTHONPATH run. This is low-risk compared with remote binary downloads. The presence of many source files means the code will run locally, but nothing in the manifest indicates an automated installer or remote executable fetch.
Credentials
The top-level registry metadata (Requirements) only lists DAGENO_API_KEY as required, but SKILL.md's embedded metadata and code indicate additional sensitive environment variables (FIRECRAWL_API_KEY and full WordPress credentials). WordPress app passwords and web-crawl API keys are sensitive and should only be provided if you intend to use those features. The skill's declared primaryEnv is DAGENO_API_KEY, which is appropriate, but the discrepancy between the registry summary and SKILL.md is a red flag: you should confirm exactly which credentials the code will attempt to read and transmit.
Persistence & Privilege
The skill is not marked 'always: true' and uses the default model-invocation behavior. It does not request system-wide persistence in the metadata (no config paths beyond project-local knowledge/backlog files). This privilege surface is typical for a CLI-style skill and is not unusually broad.
What to consider before installing
Before installing or providing credentials:
1) Confirm which environment variables you actually need (the registry summary lists only DAGENO_API_KEY, but SKILL.md mentions FIRECRAWL_API_KEY and WORDPRESS_* vars).
2) If you won't publish to WordPress or run citation crawling, avoid supplying WORDPRESS_APP_PASSWORD and FIRECRAWL_API_KEY.
3) Inspect the included src files (client.py, wordpress.py, citation_crawl.py, workflows.py) for where keys are sent and what external endpoints are contacted.
4) Run the tool in an isolated environment (dedicated VM or container) and with least-privilege API keys (scoped tokens) to limit blast radius.
5) If you plan to use WordPress publishing, consider creating a WordPress account/app password scoped to a test site or limited user.
6) If you need help verifying which env vars are actually referenced at runtime, share the specific client.py / wordpress.py call sites and I can inspect them and explain the outbound requests in detail.
Like a lobster shell, security has layers — review code before you run it.
latest vk978chtnd7nrqrb5jvchfasxj584hhq9
Runtime requirements
Bins: python3
Env: DAGENO_API_KEY
Primary env: DAGENO_API_KEY
