lanbow-claw-skill

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill's instructions are coherent for its stated purpose of managing Meta ads, but it relies on powerful ad-account credentials and on an external CLI that can launch or change paid campaigns.

Install only if you trust the `lanbow-ads` CLI and are comfortable granting Meta ad-management access. Use secrets or environment variables for tokens, keep permissions as narrow as possible, and manually approve any campaign launch, status change, budget change, or credential storage step.

Static analysis

Generated source template injection

Severity: Critical

Finding: User-controlled placeholder is embedded directly into generated source code.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If misused, these credentials could allow changes to paid advertising assets or access to ad account data.

Why it was flagged

The skill asks for Meta permissions and tokens that can manage ads and business assets; this is expected for ad delivery but is high-impact credential access.

Skill content

select permissions: `ads_management`, `ads_read`, `business_management` ... Copy the generated Access Token and send it to me

Recommendation

Use platform secret fields or environment variables instead of chat when possible, grant the minimum scopes needed, confirm the ad account ID, and revoke or rotate tokens after use.

What this means

Campaign activation or budget changes could create real advertising spend or disrupt existing campaigns.

Why it was flagged

The documented CLI can update campaign status and budgets, which is central to the ads-management purpose but can spend money or alter live campaigns.

Skill content

`campaigns update <campaign-id>` ... `--status <status>` ... `--daily-budget <cents>` ... `--lifetime-budget <cents>`

Recommendation

Require a clear user confirmation for campaign activation, budget changes, status changes, and optimization actions; prefer creating campaigns paused until reviewed.

What this means

The external CLI will handle Meta credentials and campaign operations, so its trustworthiness matters.

Why it was flagged

The reviewed skill depends on an external `lanbow-ads` executable, but that executable's source and implementation are not part of the provided artifacts.

Skill content

Source: unknown ... Required binaries (all must exist): lanbow-ads ... No install spec — this is an instruction-only skill.

Recommendation

Install `lanbow-ads` only from a trusted Lanbow source, verify the version you installed, and check that the binary the agent resolves on the PATH is the one you installed rather than an unexpected executable with the same name.

What this means

If the wrong path is supplied, the agent could read an unintended local image or file for creative processing.

Why it was flagged

A user-supplied image path is interpolated into a shell command that reads and base64-encodes a local file. This appears purpose-aligned for creative generation, and the variable is quoted (so word splitting and globbing are prevented), but the command will read whatever path is supplied, so path selection still matters.

Skill content

IMAGE_BASE64=$(base64 -i "${product_image_path}")

Recommendation

Only provide explicit paths to intended creative assets, avoid pointing the skill at sensitive directories (home, credential stores, system files), and validate that the path refers to an expected image file before running generation commands.