ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Seo Blog Writer

v3.2.0

Fully automated SEO article writer. Give it a topic and domain — it handles everything: auto-discovers product context, researches keywords, analyzes competi...

0· 53·0 current·0 all-time
by@justinbao19
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (automated SEO article writer) aligns with the requested capabilities: web search, fetching links, and writing drafts/reports to disk. Requesting disk writes and web_fetch for link verification is coherent. One small mismatch: SKILL.md asks for 'exec' access (curl/grep) when spawning subagents even though registry metadata lists no required binaries — this is plausible but worth noting.
!
Instruction Scope
The SKILL.md instructs the agent to create workspaces, write files incrementally, perform read/grep verification, and run curl/web_fetch to check links. Critically, it explicitly tells the agent how to spawn a subagent with security: 'full' to enable exec-based checks. Those instructions go beyond simple web API calls and actively ask for the ability to run system commands and modify local disk, which increases risk if granted.
Install Mechanism
No install spec and no code files — instruction-only skill. This lowers risk because nothing arbitrary will be downloaded or installed by the skill itself.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. It also does not demand unrelated service tokens. That is proportionate to its stated purpose.
!
Persistence & Privilege
always:false (no forced persistence), but the skill tells the agent to spawn subagents with 'security: "full"' to gain exec and disk access for long-running tasks. While not automatically applied, the explicit instruction to request elevated subagent privileges is a notable privilege-escalation vector and should be approved only after user review.
What to consider before installing
This skill appears to do what it says (research, write, verify links) and has no install or required secrets — good. However, its runtime instructions ask the agent to spawn a subagent with 'full' security so it can run shell commands (curl/grep) and write files incrementally. Only grant that level of access if you trust the skill and the platform prompts you with a clear, limited scope (which directories, which commands). If you prefer less risk: run the skill in your main session (as the SKILL.md suggests) so you control any file/network operations, or deny subagent exec permissions and accept a reduced feature set (no curl-based link checks or automated disk writes). Also audit any product_context files you supply so they don't contain secrets, and test the skill on a throwaway output directory first.

Like a lobster shell, security has layers — review code before you run it.

blogvk97bnz8hasqxgryt1vg3ff6mt18417zbcontentvk97bnz8hasqxgryt1vg3ff6mt18417zblatestvk97dz5wj864tq8qy9wjjzfev9184c7mbseovk97bnz8hasqxgryt1vg3ff6mt18417zbwritingvk97bnz8hasqxgryt1vg3ff6mt18417zb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments