AI Citation Content Writer
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a straightforward local content-template writer with no credential, network, persistence, or privileged behavior, though users should review output paths and generated content.
This skill is reasonable to install from a security perspective. Use safe output filenames, keep generated files in a project directory, and fact-check citations, statistics, and comparisons before publishing.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
46/46 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A poorly chosen output path could replace an existing local file with generated template text.
The helper writes generated content to a caller-supplied output path. This is expected for a content generator, but it can overwrite an existing file if used carelessly.
if args.output:
with open(args.output, 'w') as f:
f.write(content)Use a dedicated working directory and a new output filename, and review before overwriting existing files.
If relying on the helper script for FAQ, comparison, how-to, or statistics formats, users may receive mismatched or incomplete output.
The documentation describes five content formats, but the helper script artifact visibly implements only the definition template and defaults other requested formats to it.
TEMPLATES = {
"definition": """# What is {topic}? (Complete Guide)Review generated content carefully and verify the helper supports the requested format before relying on it.