Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Brand Identity Analyzer
v1.1.0 · Analyze brands to generate comprehensive brand identity profiles (JSON). Use when the user wants to analyze a brand, create a brand profile, or needs brand data for ad generation. Stores profiles for reuse across Ad-Ready, Morpheus, and other creative workflows. Can list existing profiles and update them.
⭐ 2 · 1.8k · 0 current · 0 all-time
by Paul de Lavallaz (@pauldelavallaz)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The name/description (brand identity analysis) aligns with the included script and SKILL.md: it uses Google-backed Gemini to produce brand JSON and can save profiles for Ad-Ready. However the registry metadata lists no required env vars or credentials while both SKILL.md and scripts require a GEMINI_API_KEY and optionally AD_READY_BRANDS_DIR; that mismatch is an incoherence.
Instruction Scope
SKILL.md explicitly instructs the agent to research Google Search/Images and Pinterest and to produce and store JSON profiles. Critically, it mandates pushing every new profile to a GitHub repo (cd ~/clawd/ad-ready; git add; git commit; git push). That push step is treated as non-optional in the docs but no GitHub credentials or remote safety checks are declared. The instructions also require provenance verification of images — which may cause the agent to download/collect external images. These behaviors go beyond simple local analysis and could cause data to be uploaded/shared unintentionally.
Install Mechanism
There is no install spec (instruction-only), which minimizes disk writes at install time. The analyze.py file contains header comments indicating a dependency on google-genai, but no automated installer is provided. The absence of an install step is coherent with an instruction-only skill but means the user must install python deps manually; that has operational friction but not immediate risk.
Credentials
The registry declares no required env vars, yet SKILL.md and the script require GEMINI_API_KEY and optionally use AD_READY_BRANDS_DIR. Furthermore, the mandatory GitHub push requires the user's git credentials to be present and used — that credential access is not declared. Requesting a general-purpose API key and implicitly relying on a user's git auth without declaring them is disproportionate and opaque.
Persistence & Privilege
By default the skill writes brand JSON to a path under the user's home directory (~/clawd/ad-ready/configs/Brands). It is marked always:false (not force-installed) and does not declare autonomous always-on privileges. Still, the non-optional workflow step to push to a remote git repo increases persistence and blast radius: every time a new profile is created it is expected to be committed and pushed to a repo that may be public.
What to consider before installing
Before installing or running this skill, verify these points:

1. GEMINI_API_KEY is required even though the registry says no env vars; only provide API keys you trust and prefer a least-privileged key.
2. SKILL.md mandates pushing generated profiles to a GitHub repo; confirm whether that repo is private and whether you are comfortable committing generated content (which may include scraped images or third-party material).
3. The script depends on google-genai (noted in a comment in the file); install dependencies in an isolated virtualenv or sandbox and review the full script (the provided file appears truncated in the listing) to confirm it does not auto-upload files or call unexpected endpoints.
4. If you do not want automatic or enforced pushes, remove or modify the 'MANDATORY: Push to GitHub' step, or ensure it points to a secure private repo.
5. Ask the publisher to update the registry metadata to declare GEMINI_API_KEY and any AD_READY_BRANDS_DIR use, provide an install spec for dependencies, and clarify whether the script ever runs git push automatically or requires manual user consent.

If you cannot verify these, treat this skill as risky and run it only in an isolated environment with limited credentials.
latest: vk97794x1myr0tx2fdj0es2cpcx80jvmh
