ClawHub

Social Post Generator Agent

v1.0.0

Take a blog post URL or text and generate social media posts from it. Use when repurposing content for Twitter, LinkedIn, or creating promotional posts.

0· 65·0 current·0 all-time
by@kryzl19
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (generate social media posts from an article) matches the provided scripts and declared requirement (curl). Requiring curl is appropriate because the scripts fetch URLs.
Instruction Scope
Runtime instructions are scoped to reading an input URL or file, fetching content with curl, extracting text, and printing generated posts. Minor inconsistencies: SKILL.md mentions a --dry-run flag but none of the scripts implement option parsing for --dry-run; SKILL.md also mentions 'web_fetch' while the scripts use curl (equivalent in effect). The scripts only read the provided input file/URL and create a local cache directory under the skill directory; they do not transmit data to third-party endpoints beyond the initial curl fetch of the user-supplied URL.
Install Mechanism
No install spec; instruction-only plus included shell scripts. Nothing is downloaded or written outside the skill's directory except the created cache directory. This is low-risk compared with remote installers.
Credentials
No required secrets or credentials. The scripts honor optional environment variables documented in SKILL.md (PLATFORM, TONE, BRAND_NAME, HASHTAGS). No unrelated env vars or credential access is requested.
Persistence & Privilege
always is false and the skill does not request elevated persistence. Scripts create and use a cache directory under the skill folder only and do not modify system or other-skill configuration.
Assessment
This skill is internally consistent and appears benign, but review before use: 1) The scripts fetch whatever URL you pass with curl — avoid pointing it at internal/private endpoints or URLs that require authentication (could leak internal content to the terminal). 2) The SKILL.md mentions a --dry-run flag, but the provided scripts don't implement it; expect the scripts to always print output and create a cache directory under the skill folder. 3) The scripts use grep -P (PCRE); some environments' grep builds lack -P and extraction may fail. 4) No credentials are requested, but generated content comes from source text — check that source content doesn't contain sensitive PII you wouldn't want copied into social posts. If you plan to run this in an automated agent with network access, consider the implications of allowing the agent to fetch arbitrary URLs.

Like a lobster shell, security has layers — review code before you run it.

automationvk971f89f69qx6dtcb1gcecvhs583jerncontentvk971f89f69qx6dtcb1gcecvhs583jernlatestvk971f89f69qx6dtcb1gcecvhs583jernsocialvk971f89f69qx6dtcb1gcecvhs583jerntwittervk971f89f69qx6dtcb1gcecvhs583jern

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl

Comments