Newsletter Monetization
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only marketing workflow with no code or install-time behavior shown, but it asks users to use third-party scraping/video services and API tokens.
This skill appears safe to install as an instruction-only workflow, but only provide Apify/InVideo tokens if you intend to use those services, expect third-party processing and possible costs, and review all generated newsletters or videos before publishing.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Provider API calls may send your niche, audience, prompts, and generated content to external services and may incur account costs or be subject to site/provider terms.
The skill tells the agent to use external scraping and video-generation services, which is central to the stated newsletter-marketing purpose but still involves third-party tools and provider-side processing.
Apify — Google News Scraper ... Reddit Scraper ... Twitter/X Scraper ... LinkedIn Post Scraper ... InVideo AI | Produce 60-second video teasers
Approve provider usage intentionally, review scraping legality/terms for your use case, and treat generated newsletters/videos as drafts before publishing.
Anyone or any agent with these tokens may be able to use the associated provider accounts, potentially consuming credits or accessing provider resources.
The skill expects provider credentials for Apify and InVideo. That access is expected for the workflow, but the registry metadata does not declare required credentials.
"invideo_api_key": "YOUR_INVIDEO_API_KEY" ... "apify_token": "YOUR_APIFY_TOKEN"
Use scoped or limited tokens where possible, avoid pasting long-lived secrets unnecessarily, monitor provider usage, and rotate tokens if exposed.
A user may over-trust generated business, monetization, or marketing content without checking quality, compliance, originality, or accuracy.
The language is promotional and overstates automation certainty. No deceptive code or hidden action is shown, but users should not treat the outputs as automatically reliable or publication-ready.
Get a complete newsletter system ... Your newsletter empire on autopilot. ... This skill solves all three. Forever.
Review all generated content, sponsor suggestions, affiliate claims, and video teasers before using them publicly.