ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Series Storytelling Skill

v1.0.3

Use this skill to turn a premise, video notes, a one-episode idea, or a long novel into a multi-line long-form series or season outline. Chinese trigger phra...

0· 64·0 current·0 all-time
by@hshgogogo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name, description, and included templates/examples (episode SOP, series outline, references) align with a series-storytelling authoring skill. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to produce outlines, use local templates under {baseDir}, and follow explicit creative workflows. It does not instruct reading system files, accessing external endpoints, or collecting credentials.
Install Mechanism
This is instruction-only with no install spec or external downloads; nothing is written to disk beyond normal skill assets — lowest-risk install profile.
Credentials
No environment variables, credentials, or config paths are requested. The skill's declared requirements are minimal and proportional to a writing/template tool.
!
Persistence & Privilege
The skill metadata includes always:true which force-includes it in every agent run. There is no clear justification in SKILL.md for needing permanent inclusion. This increases attack surface and the skill's runtime reach even though the skill itself appears benign.
What to consider before installing
This skill appears coherent for its stated purpose (story/season outline generation) and contains only templates and prose — no secrets or downloads. The primary concern is the manifest flag always:true which forces the skill to be included in every agent session; ask the publisher why permanent inclusion is required. If you don't need it always-on, prefer a user-invocable-only installation (disable the always flag). Also: verify the GitHub homepage if you want more provenance, and avoid granting any credentials (none are requested). If you decide to install, monitor agent behavior for unexpected outbound requests and consider asking the maintainer to remove always:true.

Like a lobster shell, security has layers — review code before you run it.

latestvk978fy3gvaw2vhrzy15a96xbws84j7t4screenwritingvk978fy3gvaw2vhrzy15a96xbws84j7t4storytellingvk978fy3gvaw2vhrzy15a96xbws84j7t4writingvk978fy3gvaw2vhrzy15a96xbws84j7t4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎬 Clawdis

Comments