Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Omni Channel Agent
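v1.0.0
Omni-channel product-selection Agent: aligns data from the social media, SEO, and paid advertising channels to help operations staff decide which requirements to launch. Trigger words: 选品 (product selection), 社媒热点 (social media trends), SEO调研 (SEO research), 竞品广告 (competitor ads), Facebook Ads, TikTok趋势 (TikTok trends).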
by @lygjoey
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code modules (Apify client, sources for TikTok/Instagram/YouTube/Reddit/Semrush/Facebook Ads, Slack formatter) line up with the 'omni-channel' scraping/aggregation purpose. However the registry metadata claims no required environment variables or primary credential while SKILL.md and code clearly require APIFY_TOKEN and SEMRUSH_API_KEY (and optionally a Notion token). That metadata mismatch is an incoherence to be aware of.
Instruction Scope
SKILL.md tells the agent/user to run bundled Python scripts which call Apify and Semrush (expected), but also contains operational guidance to remove SIMs, use VPN/proxies and create region-specific accounts to 'overcome geographic fences' — instructions that encourage evasion of platform/geolocation controls and may violate third-party terms. The file also contains a prompt-injection detector hit (unicode-control-chars) suggesting hidden control characters may be present in SKILL.md to manipulate an LLM/agent. The runtime instructions do not ask to read unrelated local secrets/files, but the evasion guidance and hidden-character signal are concerning.
Install Mechanism
No install spec is provided (lower install risk). All code is packaged in the skill and uses only standard libraries (apify_client uses urllib). There are no remote downloads or archive extraction steps in an install script.
Credentials
The environment variables required by the runtime (APIFY_TOKEN, SEMRUSH_API_KEY, optional NOTION token) are sensitive but conceptually proportional to the stated scraping/SEO tasks. The problem is that the registry metadata does not declare them, so automated permission checks or users looking at registry info could miss that the skill will require/expose those credentials at runtime.
Persistence & Privilege
Skill is not marked always:true and does not request special platform privileges. It appears to only write output files under its own output/ directory. There is no evidence it modifies other skills or system-wide configurations.
Scan Findings in Context
[unicode-control-chars] unexpected: Hidden Unicode control characters in SKILL.md are not needed for a scraping/reporting skill and may be an attempt at prompt/agent manipulation; this should be inspected and removed or explained by the author before trusting the skill.
What to consider before installing
This skill appears to implement the scraping and reporting it advertises, but before installing or running it:
1) Expect to provide at least APIFY_TOKEN and SEMRUSH_API_KEY (and optionally a Notion token) — do not supply production or highly privileged keys; use scoped or throwaway credentials where possible.
2) The registry metadata failing to list required env vars is an inconsistency — ask the publisher to correct it.
3) SKILL.md includes guidance (remove SIM, use proxies, create region accounts) that encourages bypassing platform/geolocation protections; consider legal and ToS risks and avoid following those steps if they would violate policies.
4) Inspect SKILL.md for hidden/control characters (the scanner found unicode-control-chars) and review code (apify_client.py, sources/*) yourself or in a sandbox before running.
5) Run first in an isolated environment, with limited API tokens and review the output files, and if you rely on this for business decisions, have a human validate trends (the skill itself states human judgment is required).
Like a lobster shell, security has layers — review code before you run it.
latest vk97c18bkxkfje35qftexpnazjn83tfex
