Blog Polisher
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a simple instruction-only markdown polishing skill; it reads and writes user-specified draft files, so users should choose paths carefully.
This skill appears safe for ordinary markdown blog polishing. Before installing, note that it will read the full draft path you provide, may show the raw draft in chat, and will write a polished file, so use non-sensitive drafts or a private channel and confirm the output path.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may display the full draft in the conversation and create a polished output file at the chosen path.
The skill directs the agent to read and write local files using user-supplied paths. This is expected for polishing a markdown draft, but incorrect paths could expose or modify unintended files.
Use your markdown read skill: `read_file --path {{input.draftPath}}` ... Use your markdown write skill: `write_file --path {{output.polishedPath}} --content [polished_md]`.Use this skill only with intended markdown drafts, verify the output path, and avoid sending private drafts through shared channels.
Users have less external information for verifying the publisher or project history.
The package has limited provenance information. Because it is instruction-only with no code, dependencies, or install script, this is a low-risk provenance note rather than a security concern.
Source: unknown; Homepage: none
Review the visible SKILL.md instructions before installing and prefer verified sources when available.