content-pipeline
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for a content workflow, but it can automatically publish generated posts to social accounts without a clearly enforced final approval or account scope.
Use this only if you are comfortable with an agent-assisted pipeline that can reach social-media publishing. Prefer stage-by-stage mode, review generated images and captions before publishing, confirm the exact account and tags, and review the dependent planner, writer, design, publisher, and reporting skills separately.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Generated content could be posted publicly before a human verifies the final images, caption, target account, or collaboration tag.
The documented automatic path can proceed from content generation to social publishing, and the skip-review option explicitly removes approvals for a high-impact public action.
`--auto` — Auto-execute all stages ... `--skip-review` — Proceed without approval at each stage (risky) ... Execute social-publisher with images + caption
Require an explicit final confirmation before any publish action, make review mode the default, and clearly show the destination account, caption, media, and tags before posting.
A connected social account could be used in ways the user did not clearly authorize or review.
The artifacts describe posting to social accounts but do not declare or scope the credentials, account authority, or permissions needed for that action.
Primary credential: none; Required env vars: none ... Publish to Instagram/SNS ... Auto-publish to Instagram (tag collaboration account)
Declare the required social-publishing credentials, restrict them to the intended account and posting scope, and require user approval before using them.
Risk depends partly on other skills, especially the one that publishes to social media.
The skill delegates to multiple other skills/tools that are not included in this artifact set; this is expected for a meta-skill, but the safety of the workflow depends on those dependencies.
1. seo-content-planner ... 2. copywriting ... 3. cardnews ... 4. social-publisher ... 5. Performance tracking
Review and approve each dependent skill separately before enabling the full pipeline.
Old or tampered event files could cause the pipeline to publish or report on the wrong content.
The workflow reuses persisted event files as inputs for later stages, so stale or modified files could influence drafts, designs, publishing, or reports.
Each stage automatically reads previous stage results from `events/` directory
Review event files before reuse, keep the events directory scoped to this workflow, and clear or validate stale files before publishing.