v1.0.0

log-polish-enus-images

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 8:05 AM.

Analysis

This appears to be a local blog-polishing workflow with no evidenced credential use or data exfiltration, but users should notice that it reads/writes local files, stores draft content in workflow state, and has an undeclared jq dependency.

GuidanceThis skill looks safe to install from the provided artifacts if you are comfortable with it reading a local markdown draft and writing output files. Keep file paths inside your workspace, make sure jq is installed, and review the generated article because the visible workflow appears to create placeholder polished content rather than a fully rewritten blog post.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

draftPath="${input_draftPath:-$HOME/.openclaw/workspace/contentDraft/latestDraft.md}" ... mkdir -p "$outputDir" ... content=$(cat "$draftPath") ... echo -e "$polished_content" > "$polishedPath"

The skill uses shell commands and user-configurable paths to read a draft and write output files. This is expected for the stated purpose, but it gives the workflow local file read/write capability.

User impactThe skill can read the selected draft file and create or overwrite an output markdown file where the configured path points.

RecommendationUse intended workspace paths, review the chosen draftPath/outputDir, and check generated files before relying on them.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceHighStatusNote

SKILL.md

metadata:\n  openclaw:\n    requires: [] ... imagePaths_json=$(printf '%s\n' "${image_paths[@]}" | jq -R . | jq -s .)

The skill declares no required binaries but uses jq in the workflow. This is an incomplete dependency declaration rather than evidence of malicious behavior.

User impactThe skill may fail or behave differently on systems where jq is not installed.

RecommendationEnsure jq is available before use, or the skill publisher should declare it as a required binary.

Human-Agent Trust Exploitation

SeverityLowConfidenceMediumStatusNote

SKILL.md

description: Polish a technical blog draft into an 1000–1200 word, 4-5 section en-US article ... polished_content="# $title\n\n## Introduction\nContent polished and restructured..."

The stated capability promises a polished article, while the shown workflow constructs placeholder content. This is a quality and expectation mismatch users should notice.

User impactUsers could receive output that looks structured but is not actually a polished article.

RecommendationReview the generated markdown carefully and do not publish it without checking that the draft was actually rewritten as intended.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceMediumStatusNote

SKILL.md

content=$(cat "$draftPath")\n      save_state content

The draft file content is copied into workflow state. That is purpose-aligned for processing a blog draft, but it is still storage of user-provided content.

User impactDraft text may remain available to later workflow steps or state handling mechanisms, depending on how OpenClaw stores state.

RecommendationAvoid processing confidential drafts unless the state-retention behavior is acceptable.