Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gumroad Launcher

v1.0.0

Research a digital product niche, generate the product (ebook, template, script, checklist, or skill), write high-converting Gumroad sales copy, and publish...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The skill claims end-to-end Gumroad publishing, but the manifest declares no required credentials or env vars. The SKILL.md shows example API calls requiring an ACCESS_TOKEN and references a packaging script (package_skill.py) that is not included. It also calls out specific external accounts (Dawn's, MJ's) without explaining credential handling; these mismatches are disproportionate to the stated purpose.
Instruction Scope (flagged)
Runtime instructions ask the agent to perform web_search, create files under ~/workspace/products/[slug]/, convert and zip files, and call Gumroad via web_fetch or exec. Using exec grants broad shell capability, and the doc is vague about where access tokens come from. The guidance to use another named account (Dawn) is unexpected and potentially risky. Overall the steps stay within the general product-publishing scope, but crucial operational details are missing or ambiguous.
Install Mechanism
Instruction-only skill with no install spec and no code files — minimal disk footprint and no third-party downloads. This is the lowest-risk install model.
Credentials (flagged)
No required env vars are declared, yet the SKILL.md demonstrates API calls that require an Authorization bearer token (ACCESS_TOKEN). The presence of named external accounts (Dawn's, MJ's) further complicates credential handling. The skill should declare which credentials it needs (e.g., GUMROAD_ACCESS_TOKEN) and how they will be provided; its current omission is disproportionate and ambiguous.
Persistence & Privilege
Flags show always:false and no special persistence requests. The skill does request writing product files to ~/workspace/products/[slug]/ which is reasonable for its purpose and is not a system-wide persistence privilege.
What to consider before installing
Before installing or invoking this skill:
1) Ask the skill author to explicitly declare required environment variables (e.g., GUMROAD_ACCESS_TOKEN) and how they expect tokens to be provided; do not assume the skill will 'know' or fetch tokens.
2) Do not use or attempt to use credentials for third parties named in the doc (e.g., 'dawn@marathondm.com') unless you have explicit permission; clarify why those accounts are mentioned.
3) Verify the referenced packaging script (package_skill.py) exists and inspect it; running unknown packaging/upload scripts can execute arbitrary code.
4) If the agent will run exec/web_fetch calls, run it in an isolated environment (limited permissions, disposable workspace) and ensure secrets are supplied only via secure env vars, not embedded in prompts.
5) Confirm where product files are written and that nothing sensitive will be packaged or uploaded.
6) If you need higher assurance, request that the author add explicit env var requirements, remove hardcoded account references, and provide minimal, clear examples showing how to supply an ACCESS_TOKEN securely.
These changes would reduce the current ambiguities and make the skill safer to use.


Tags: digital-products, gumroad, latest, passive-income, sales

