ClawHub

Amazon Product Photography

v1.0.0

Plan Amazon product photography for maximum conversion. Shot lists, lighting setups, infographic briefs, lifestyle scene planning, and image optimization fol...

1· 84·0 current·0 all-time
bynexscope-ai@nexscope
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and listed capabilities (shot lists, lighting, infographic briefs, platform requirements) are consistent. Supported platforms and outputs described match the photography planning purpose.
Instruction Scope
SKILL.md instructs the agent to collect user-provided product/context info, ask a single follow-up, and produce structured recommendations. It does not direct reading of local files, system config, or unrelated environment variables, nor does it direct data to third-party endpoints beyond citing public resources for reference.
Install Mechanism
Registry has no install spec (instruction-only), which is low risk. The SKILL.md contains an example 'npx skills add nexscope-ai/…' command and GitHub links — these are documentation only in the bundle but would fetch remote code if executed by the user. If you intend to run that npx command, review the referenced package/repo before executing.
Credentials
The skill declares no required environment variables, credentials, or config paths. The functionality (advice and planning) does not justify any secrets or system credentials, so the lack of requests is proportionate.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). The skill does not request persistent agent-level privileges or modification of other skills/configuration.
Assessment
This skill is instruction-only and appears coherent with its stated purpose. Before installing or running any provided 'npx' command, inspect the referenced package/repository (nexscope-ai/eCommerce-Skills) because 'npx' will fetch and execute remote code. No credentials are requested by the skill, so there's no built-in secret-exfiltration vector. Consider whether you’re comfortable sharing product details and images (user data privacy) when using the skill, and review any external links/repositories for code you might install.

Like a lobster shell, security has layers — review code before you run it.

latestvk9794d0m7xr0t8vy3m4km7rayn83j9gj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments