Technical Blog Writing
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: technical-blog-writing
Version: 0.1.5

The skill is classified as suspicious due to the inclusion of `curl -fsSL https://cli.inference.sh | sh` for installation, which executes a remote script directly, and more critically, the instruction to use `infsh app run infsh/python-executor` in SKILL.md. This `python-executor` capability allows the AI agent to execute arbitrary Python code, creating a significant prompt injection vulnerability that could lead to remote code execution if the agent is manipulated. While the provided examples are benign and align with the stated purpose, the inherent risk of these capabilities warrants a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill may require trusting an external installation script and downloaded CLI binary.
The skill directs the user to install a third-party CLI from a remote script. This is disclosed and user-directed, but it is not represented by a formal install spec.
curl -fsSL https://cli.inference.sh | sh && infsh login
Review the inference.sh installation instructions and checksum information before running the install command.
The skill may operate through the user's inference.sh account once configured.
The workflow requires logging into the external inference.sh service, even though the registry metadata declares no primary credential.
infsh login
Use an account and permissions appropriate for this writing workflow, and avoid entering unrelated credentials.
The agent can invoke inference.sh tooling for research or content-generation tasks when the skill is used.
The skill allows Bash execution of infsh commands, including remote app runs for search and image generation. This is purpose-aligned but gives the agent operational access to that CLI.
allowed-tools: Bash(infsh *)
Review generated commands before use, especially if they include sensitive text, proprietary topics, or publication-ready assets.
