Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Brand Marketing Workflow
v3.0.1Structural documentation for the brand-marketing-workflow skill. Use when the user wants to understand, audit, or review the workflow design without exposing...
⭐ 1· 122·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md and clawhub metadata repeatedly describe this as a documentation-only replacement artifact with no executable implementation, yet the bundle contains an install.sh, run.py, and ~17+ scripts that appear runnable and implement fetching, analysis, and LLM client logic. That discrepancy (claiming no executable code while shipping runnable code) is disproportionate and unexplained.
Instruction Scope
SKILL.md gives runtime instructions (install.sh delegates to python3 scripts/run.py and describes oc_execute_skill usage) while the top-level description says 'contains no executable code'. The described workflow otherwise stays within marketing/scoped actions (public signal fetching, human authorization), but the presence of real scripts means those instructions will execute network requests and LLM calls that are not reflected in the declared 'documentation-only' intent.
Install Mechanism
Registry lists 'no install spec' (instruction-only), but the repository includes an install.sh that executes Python code. There are no external download URLs or third-party installers — all code is packaged — which lowers supply-chain download risk, but the mismatch between claimed non-runnable artifact and actual executable files is concerning because users/integrations may accidentally run code they were told doesn't exist.
Credentials
Declared requirements list no env vars or credentials, but code includes oc_llm_client.py and gateway_client.py and evidence of web fetching. Those modules commonly require API keys or network access; no credentials are declared or justified in SKILL.md. The package also contains an autoresearch.config.json with an absolute workingDir path (reveals a local developer path). Missing declaration of expected secrets/credentials is a material inconsistency.
Persistence & Privilege
Flags are normal (always:false, user-invocable:true). The skill does not request 'always' or system-wide privileges. However, because executable code is present, autonomous invocation (default) would allow the agent to run network/LLM calls if the system/platform grants that capability — combine this with the purpose/instruction mismatch before enabling autonomous runs.
What to consider before installing
Do not install or run this skill until the mismatch is resolved. Specific steps to take: 1) Ask the publisher to confirm whether this release is meant to be documentation-only or an executable package. 2) If you intend to run it, review run.py and scripts/* (especially oc_llm_client.py, gateway_client.py, competitor_fetcher.py, authorization_manager.py) for network endpoints, hardcoded secrets, or code that reads environment variables or local files. 3) Verify which environment variables / API keys the code expects (LLM keys, gateway tokens) and ensure the registry metadata is updated to declare them. 4) Run any code in an isolated sandbox or ephemeral VM, not on a production host. 5) If you cannot get a clear explanation from the owner, treat the package as untrusted and avoid executing it — the main red flag is the intentional-sounding 'documentation-only' claim while shipping runnable code and past-run artifacts.Like a lobster shell, security has layers — review code before you run it.
latestvk97270ww18419h6qm77kw1zc5d83whdkmarketingvk97bn85n2j8r9hgkt6am256a7s83wjggmulti-agentvk97bn85n2j8r9hgkt6am256a7s83wjggworkflowvk97bn85n2j8r9hgkt6am256a7s83wjgg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.