Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Reddit Quote Carousel
v1.0.0
Create an Instagram carousel from a popular-picks list with Reddit quotes. Cover slide uses "clean" style with "Top CATEGORY in Destination" title. Each attr...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw · Suspicious · medium confidence
Purpose & Capability
The name/description (build an Instagram carousel from Reddit quotes) is plausible, but the runtime instructions assume access to a local overlay script, to a 'tabiji' repo for hosting, and to publish-to-Instagram steps. None of those capabilities or required credentials are declared. The skill therefore asks for capabilities beyond what its metadata indicates.
Instruction Scope
SKILL.md tells the agent to fetch web pages, download candidate images, vision-score them, write a manifest to /tmp, run a hard-coded Python script at /Users/psy/.openclaw/.../overlay.py, and host/publish images in a tabiji repo and to Instagram. These instructions reference specific local filesystem paths, a repo write/publish flow, and external publish actions — all of which grant broader access than the skill's manifest shows.
Install Mechanism
There is no install spec (instruction-only), which is low-risk in itself, but the skill assumes the presence of a specific Python script in a user workspace and other tooling. That implicit dependency is neither installed nor declared, so the instructions are non-portable: they are liable to fail, or to cause the agent to access unexpected local files.
Credentials
The skill declares no required environment variables or credentials, yet publishing to Instagram and hosting images in a repo normally require authentication tokens (Instagram API credentials, git credentials or CI deploy keys). The SKILL.md does not state how authentication is supplied, so secrets and access needed by the actions are missing from metadata — a proportionality mismatch.
Persistence & Privilege
The always field is false, and the skill itself doesn't request permanent platform-level presence. However, the instructions direct writing to a code repo (img/instagram/) and running /Users/psy/... scripts — actions that could modify project state or require repository push permissions. That's a privilege/impact concern even though the skill doesn't set always:true.
What to consider before installing
This skill's description is plausible, but its runtime instructions assume local scripts, repository hosting, and Instagram publishing credentials that are not declared. Before installing or using it, ask the author:
(1) Where does the overlay.py script come from? Provide an install or dependency manifest instead of a hard-coded /Users/psy path.
(2) How will Instagram publishing and repo hosting be authenticated? The skill should explicitly declare required environment variables (Instagram token, git/CI deploy key) and request only those it needs.
(3) Confirm licensing/copyright for using downloaded Instagram photos and for reprinting Reddit text; ensure proper attribution and permissions.
If you proceed, test the skill in a sandboxed environment, do not provide broad credentials until you understand how they will be used, and prefer a version that documents installs and required secrets instead of relying on implicit local files.
