Automation Content Creator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's behavior is consistent with its stated content-automation purpose, but it is designed to run continuously and publish automatically to public accounts with little review or scoping.
Install only if you are comfortable giving it API keys and potential social-publishing authority. Use a test account first, require manual approval before posts go live, pin npm dependencies, restrict topics and platforms, monitor logs, and make sure there is an easy way to pause or revoke the automation.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It could publish unwanted, low-quality, legally risky, or brand-damaging content to public accounts before the user reviews it.
The skill directs automation of public posting across multiple platforms with minimal human input, but does not describe a mandatory approval queue or safe limits for high-impact publishing actions.
- **Batch and schedule** posts across platforms (Instagram, TikTok, LinkedIn, Twitter/X) ... Run **completely autonomously** once configured — minimal human input needed
Require explicit user approval before scheduling or publishing each post, define allowed accounts/topics, add dry-run mode, and document rate limits and rollback/delete procedures.
Once configured, the system could continue scraping, generating, and publishing beyond the user's immediate oversight.
The artifacts describe long-running autonomous behavior, but do not specify lifecycle management such as stop controls, monitoring, notification, or expiration.
This skill builds a **fully automated content factory** that runs 24/7 ... Scrape the top viral content across multiple platforms every few hours
Add clear start/stop instructions, time-bounded schedules, logging, alerting, and a manual pause/kill switch before enabling continuous operation.
Users may grant API or social-account authority without understanding which accounts can be posted to, what data is sent to providers, or how to revoke access.
The skill asks for provider API keys and describes delegated publishing through scheduling services, while the registry metadata declares no credentials and the instructions do not bound the account permissions needed.
export APIFY_TOKEN=apify_api_xxxxxxxxxxxxxxxx ... export CLAUDE_API_KEY=sk-ant-xxxxxxxxxxxxxxxx ... Buffer │ Later │ Hootsuite │ Custom Webhook ... Posts queued, timed, and published automatically
Declare all required credentials, use least-privilege tokens, specify exactly which services/accounts are authorized, and document revocation and permission scopes.
A single flawed input or model output could spread across several public channels and keep influencing future generated content.
The workflow can turn one bad scrape, prompt, or generated post into a weekly schedule and distribute it across multiple public platforms, then reinforce the behavior through its feedback loop.
Generate a full weekly content calendar automatically ... Batch and schedule posts across platforms ... Track which generated content performs best and feed that signal back into the pipeline
Add containment controls such as staged drafts, per-platform approvals, sampling checks, maximum batch size, and human review before feedback is used to optimize future posts.
Prompt-like text in scraped posts could influence generated outputs if the implementation does not isolate it from instructions.
The skill feeds untrusted social-media content into an AI analysis pipeline; posts or comments could contain instructions that should be treated as data, not followed.
Apify scrapes the most viral content across TikTok, Instagram, YouTube, and Reddit ... Claude (OpenClaw) extracts the hooks
Delimit scraped content, label it as untrusted data, and instruct the model not to follow commands embedded in scraped posts.
Installing unpinned packages can produce different code over time or expose the environment to compromised dependencies.
The setup uses third-party npm packages without pinned versions or a lockfile in the provided artifacts. This is expected for the stated Node.js workflow, but users should pay attention to dependency provenance.
npm install apify-client axios node-cron dotenv
Pin dependency versions, use a package lockfile, install from trusted registries, and review dependency permissions before running the pipeline.
