Skill v1.0.1
ClawScan security
blog-polish-enus-images · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 23, 2026, 9:56 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code is an instruction-only template that reads/writes local draft files and emits image prompts, but it does not actually perform the claimed polishing to 1000–1200 words or generate images; this mismatch and some undeclared tool dependencies are concerning.
- Guidance: This skill appears to be a template/stub rather than a functional blog polisher: it creates placeholder markdown and builds image prompts/file-names but does not actually rewrite the draft to 1000–1200 words or call any image API. Before installing or using it: (1) inspect SKILL.md yourself; it will read the draft file (default: ~/.openclaw/workspace/contentDraft/latestDraft.md) and write output files to the outputDir; (2) ensure jq and other CLI tools used by the script are available on the host, or the skill may fail; (3) do not rely on this skill for production publishing without verifying its output on sample drafts; (4) ask the author for clarification or a working implementation that actually performs polishing (calls an LLM or polishing routine) and/or image generation, and for a declared list of required binaries. If you only need prompts/filenames, this could be useful; if you need real rewriting and image generation, this skill as-is is not sufficient.
Review Dimensions
- Purpose & Capability (concern): The skill's declared purpose is to polish a technical blog into a 1000–1200 word, 4–5 section article while preserving technical terms/code and generate hero + per-section images. The SKILL.md implementation only writes a simple placeholder polished markdown (static template text like 'Content polished and restructured...' and summary lines) and only builds text prompts and intended image file paths; it does not call any polishing engine/LLM or any image-generation API. That is a substantive mismatch between claimed capability and actual behavior (appears to be a stub/template rather than a working polisher).
- Instruction Scope (note): Instructions read the draft markdown at a user-supplied path (default ~/.openclaw/workspace/contentDraft/latestDraft.md), count words/sections, and write outputs to an output directory (default ~/.openclaw/workspace/contentPolished). It does not transmit data externally or request credentials. This file I/O is expected for the purpose, but users should note the skill will read the specified file path and write files under the output directory. Also the polishing step is a placeholder and will not produce a real rewritten article as advertised.
- Install Mechanism (note): No install spec (instruction-only), which is low risk. However, the workflow depends on command-line tools (jq, sed, grep, wc, tr, date, mkdir, cat, printf, seq), and the skill declares no required binaries; jq in particular is not universally available. The absence of declared dependencies may cause runtime failures or unexpected behavior.
- Credentials (ok): The skill declares no environment variables, no credentials, and no config paths. The instructions do not access other environment variables beyond typical shell variables and inputs. This is proportionate to the stated (file-based) functionality.
- Persistence & Privilege (ok): always is false and the skill is user-invocable. The skill writes files only under the resolved output directory and reads the specified draft file; it does not attempt to modify other skills, agent-wide settings, or request persistent privileges. No additional persistence privileges are requested.
