ClawHub

E-Commerce Video Marketing

v1.0.0

Develop video marketing strategies tailored for e-commerce brands, including product demos, UGC, live streams, and platform-specific optimization across Amaz...

0· 52·0 current·0 all-time
bynexscope-ai@nexscope
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (e-commerce video marketing) match the SKILL.md capabilities. The skill only provides strategy and workflows and does not claim to perform platform actions that would require unrelated credentials or system access.
Instruction Scope
SKILL.md contains only guidance, templates, and sample prompts. It does not instruct the agent to read files, access environment variables, call external endpoints, or perform actions outside the marketing guidance scope.
Install Mechanism
The registry contains no install spec and no code files (lowest risk). The SKILL.md includes a suggested npx install command (npx skills add nexscope/ecommerce-video-marketing) — this is a user-facing hint, not an automated install. If a user runs that npx command, it would fetch and execute code from npm, so verify the npm package/author before running.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate for a strategy/advice skill which does not integrate directly with platform APIs.
Persistence & Privilege
Skill is not marked always:true and has no install-time persistence in the registry. Default autonomous invocation is allowed by platform policy but is not combined with any broad privileges or credential access here.
Assessment
This skill appears to be a harmless, instruction-only marketing advisor. Before installing or running any suggested npx command, review the referenced npm package and its publisher (nexscope) and inspect the package contents if possible — npx executes remote code. If you later want the agent to post or upload content to Amazon, TikTok, YouTube, or Instagram, provide API keys only to trusted integrations and avoid pasting secrets into casual prompts. If you need stronger assurance, ask for the actual npm package name or a link to the package repository and review its source before running.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b6807z525fvqayyvhbqkz3h841yj9

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments