Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

public-relations

v1.0.0

When the user wants to plan PR, write a press release, or manage media relations. Also use when the user mentions "public relations," "PR," "press release,"...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description (PR, press releases, media relations) match the instructions: structure, lead, quote, boilerplate, and guidance for writing are all appropriate for the stated purpose.
Instruction Scope
SKILL.md instructs the agent to read .claude/project-context.md or .cursor/project-context.md (Sections 2, 3, 8) when present. The manifest lists no required config paths. Asking the agent to read workspace files is reasonable for contextual PR work, but the instructions access files that were not declared — this mismatch should be explicit so users understand what data the skill will read.
Install Mechanism
Instruction-only skill with no install spec or code files. This minimizes supply-chain risk — nothing is downloaded or written by the skill itself.
Credentials
Skill declares no environment variables or credentials and does not request external secrets. However, it expects to read local project-context files for positioning, value props, and brand voice; those files can contain sensitive business information. The absence of declared config paths is an omission.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent presence or system-level changes. Autonomous invocation is allowed (default) but not combined with other high-risk indicators.
What to consider before installing
This skill appears to be what it says: a PR/press-release writing guide. The main issue is that its instructions tell the agent to read project-context files (.claude/project-context.md or .cursor/project-context.md) but the manifest doesn't declare those config paths. Before installing or enabling the skill, consider:

1) Do those project-context files contain sensitive business information (financials, unreleased product details, partner data, or credentials)? If so, either remove sensitive content or avoid granting the agent access.
2) Ask the skill author to declare the config paths in the manifest so the behavior is explicit.
3) If you allow the agent to run, monitor and limit its workspace/file access (or run in a compartmentalized project) to reduce accidental leakage.

Because this is instruction-only and doesn't install code, supply-chain risk is low — but the privacy concern around reading undeclared workspace files is the reason for a 'suspicious' rating.

Like a lobster shell, security has layers — review code before you run it.
