Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Ai Social Media Content
v0.1.5
Create AI-powered social media content for TikTok, Instagram, YouTube, Twitter/X. Generate: images, videos, reels, shorts, thumbnails, captions, hashtags. To...
⭐ 6· 2.1k·12 current·12 all-time
by Ömer Karışman (@okaris)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to generate multi-platform social content and its examples use an external CLI (infsh) to run image/video/tts apps and to post to Twitter. That capability is plausible, but the skill declares no required credentials or config paths even though actions like posting tweets, using bytedance/seedance, or calling Claude/OpenRouter normally require API keys/accounts. The absence of any declared env vars or primary credential is inconsistent with the demonstrated functionality.
Instruction Scope
SKILL.md instructs the agent (and the user) to download and run infsh, run 'infsh login', and to run many 'infsh app run' commands including posting to twitter/post-tweet and calling TTS and model endpoints. The instructions do not ask the agent to read unrelated system files, but they do direct the user/agent to perform remote installs and interactive logins and to send data to many external services — the skill gives broad discretion to the CLI and does not document what credentials or data flows will occur.
Install Mechanism
There is no formal install spec in the registry; the SKILL.md recommends piping https://cli.inference.sh | sh (curl | sh). While the doc claims the installer verifies SHA-256 checksums from dist.inference.sh, piping a remote install script is higher risk and the domains (cli.inference.sh / dist.inference.sh) are third-party and not independently documented in the registry. This is a download-and-execute pattern that writes binaries to disk — it warrants verification before use.
Credentials
The skill requests no environment variables or primary credential yet calls services that will need authentication (Twitter posting, OpenRouter/Claude, Kokoro TTS, Bytedance/omnihuman, etc.). That mismatch means either the author expects credentials to be provided via the infsh login flow (not declared) or omitted them accidentally — both cases are a security/clarity problem because the user won't know what secrets will be requested or where they'll be stored.
Persistence & Privilege
always is false and the skill is instruction-only with no code files. It does not request permanent presence or attempt to modify other skills/configs. The main persistence concern is whatever the third-party infsh CLI does when you run 'infsh login' (token storage), which is external to the skill.
What to consider before installing
This skill appears to be what it claims (multi-platform content generation) but has several red flags you should address before installing:
1) Verify the installer: do not blindly run 'curl https://cli.inference.sh | sh' — inspect the script, confirm checksums from the claimed dist.inference.sh checksums.txt, and verify the domains are legitimate.
2) Credentials: expect to provide platform credentials (Twitter, Bytedance, OpenRouter/Claude, etc.) via the infsh login flow — ask how/where tokens are stored and revoke them if needed. The skill should have declared required env vars; the omission is a mismatch.
3) Least privilege: prefer to run the CLI in a sandbox/container and test with throwaway accounts before connecting production accounts.
4) Posting risk: commands include 'twitter/post-tweet' — be careful to avoid accidental public posting.
5) If you need stronger assurance, request the skill author to (a) declare required credentials and storage locations, (b) provide a signed release binary or a verifiable package source (e.g., GitHub release), and (c) avoid recommending curl|sh install without providing the exact checksum and verification steps.
If you cannot verify the installer or the token handling, treat this skill cautiously or avoid installing it.
Like a lobster shell, security has layers — review code before you run it.
