XHS Viral Content Factory
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Before installing, make sure you are comfortable sending the selected files and any history file to your configured LLM provider, use a trusted HTTPS endpoint and API key, and note that real PDF parsing is not evident in the included code. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may consume quota or incur costs on the configured LLM account.
The script uses LLM_API_KEY as a bearer credential for the configured LLM API. This is expected for the stated integration and there is no evidence that the key is logged or sent to unrelated parties.
"Authorization": f"Bearer {api_key}"
Use a dedicated or scoped API key where possible, monitor provider usage, and avoid sharing the key in prompts or files.
Private or sensitive material in the selected source folder or history file may be transmitted to the LLM provider.
The skill explicitly discloses that selected local file content is sent to the configured model provider for analysis and generation.
This skill sends the content of the local files you specify to your configured LLM provider via encrypted HTTPS requests
Only point the skill at files you are comfortable sending to the configured provider, and prefer HTTPS endpoints from trusted providers.
Installing the dependency pulls code from the Python package ecosystem.
The skill declares a pip dependency on requests, which is normal for making API calls but still introduces a standard third-party package dependency.
install:
  - id: requests
    kind: pip
    package: requests
Install dependencies in a virtual environment and use trusted package indexes or pinned versions if your environment requires stricter supply-chain control.
Users may expect PDF extraction to work when the provided code does not implement real PDF parsing.
The description claims PDF support, but the included script only clearly reads UTF-8 text files and .md/.txt files in directories, so PDF support appears overstated.
Supports extracting content from PDF, Markdown, or folders
Treat PDF support as unverified unless the author adds a PDF parser or clarifies that PDFs must first be converted to text.
