ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Product Marketing Context

v1.0.0

When the user wants to create or update their product marketing context document. Also use when the user mentions 'product context,' 'marketing context,' 'set up context,' 'positioning,' or wants to avoid repeating foundational information across marketing tasks. Creates `.claude/product-marketing-context.md` that other marketing skills reference.

2· 2.6k·32 current·33 all-time
by@michaelhoughtondebox
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the runtime instructions: creating/updating a marketing context file and optionally auto-drafting from repository artifacts (README, landing pages, package.json, docs) is coherent with the skill's stated goal.
Instruction Scope
Instructions direct the agent to check/create .claude/product-marketing-context.md and—if auto-drafting—to 'read the codebase' (README, landing pages, marketing copy, package.json, any existing docs). This is reasonable for drafting marketing context but means the agent will access arbitrary repo files, which can include sensitive information; the skill does not explicitly limit or exclude sensitive paths.
Install Mechanism
No install spec or code files are present (instruction-only). Nothing is written to disk by an installer; the only file creation described is the intended .claude/product-marketing-context.md document.
Credentials
The skill requests no environment variables, credentials, or config paths. There are no disproportionate secret requests.
Persistence & Privilege
always:false and normal model invocation behavior. The skill will create/update a single document in .claude as described; it does not request broader agent configuration or persistent system privileges.
Assessment
This skill is internally consistent and doesn't request credentials or install software, but it will read repository files if you pick the 'auto-draft from codebase' option. Before using that option: (1) confirm which folders/files the agent may read (or prefer to upload specific files), (2) remove or redact any secrets or private customer data from the repo, and (3) review the generated .claude/product-marketing-context.md for any accidentally included sensitive content. If you prefer tighter control, choose 'start from scratch' or explicitly instruct the agent which files to use/exclude.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c5s1w53hddhsxe56h5ny6h981019b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments