Time Weaver
Pass
Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: time-weaver
Version: 0.7.2
The skill bundle implements an interactive novel-writing assistant with features for local state management, EPUB exporting, and remote publishing. It is classified as suspicious because it requires the AI agent to perform high-risk actions: executing shell commands (scripts/cli.js), storing user-provided API keys in plaintext in the home directory (~/.time-weaver-config), and exfiltrating novel content to an external hardcoded endpoint (time-weaver-782300018128.us-west1.run.app). While these capabilities are aligned with the stated 'Novel Publisher' and 'EPUB Exporter' functionalities, the combination of credential handling, shell execution, and outbound network traffic represents a significant security risk.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A draft chapter could be uploaded or published to the online platform before the user has reviewed and approved it.
Publishing is a forced step after chapter generation, and the artifacts do not show a separate approval gate before posting the draft online.
### Step 5: Force-publish the chapter
Publish immediately after saving:
```bash
cd scripts && node cli.js publish "{书名}" "第X章:{标题}" "../.learnings/books/{书名}/chapters/chapter_XX.md"
```
Make publishing opt-in, add an explicit confirmation before each upload, and offer a local-only writing mode by default.
The agent and local filesystem gain ongoing ability to publish through the user’s Time Weaver account if the token remains valid.
The skill asks the user to provide an API key to the agent and stores it persistently in a home-directory file for future publishing.
4. Send the API Key to me
...
```bash
echo '{"apiKey": "用户的API_KEY"}' > ~/.time-weaver-config
```
Declare the credential requirement, use a scoped/revocable token, avoid exposing the key in shell commands, and explain how to delete or rotate the stored key.
If the environment is misconfigured or manipulated, the API key and chapter content could be sent to a different host than the user expects.
The CLI sends the API key and chapter content to the configured API host, and that host can be changed by an undeclared APP_URL environment variable.
```js
const API_URL = process.env.APP_URL || 'https://time-weaver-782300018128.us-west1.run.app';
...
token: config.apiKey, bookTitle, chapterTitle, content
```
Declare APP_URL if it is intentional, validate the destination host, and clearly show the upload destination before sending tokens or content.
Using the EPUB exporter may require installing third-party Node.js code that was not part of the no-install skill metadata.
The EPUB export feature relies on installing a third-party npm package, but the registry install spec does not declare this setup step.
```bash
cd ~/.openclaw/workspace/skills/time-weaver/scripts
npm install epub-gen
```
Declare Node/npm requirements, prefer a locked install such as npm ci with the included lockfile, and review dependencies before installing.
Old or edited local files can influence future chapters, and the stored files may contain the user’s creative/private writing material.
The skill persistently stores and rereads local story state and prior chapters to continue writing.
Read the following files to get the current state:
```
# .learnings/books/{书名}/WORLD.md
# .learnings/books/{书名}/CHARACTERS.md
# .learnings/books/{书名}/PLOT.md
# .learnings/books/{书名}/chapters/
```
Keep secrets out of .learnings, review stored story files before reuse or publication, and delete project state when no longer needed.
