v1.0.0

Reddit Quote Carousel Topaz

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:47 AM.

Analysis

The skill matches its carousel-making goal, but it can use local Keychain credentials to push files and publish to an Instagram account without clear approval gates.

Guidance: Review carefully before installing. Use it only if you want this agent to access the named Keychain credentials, use Topaz, push images through the tabiji hosting workflow, and publish to the specified Instagram account. Add a manual review-and-confirm step before any public post or repository change.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
### Sub-agent 3: Publish to Instagram

1. Host images in tabiji repo (`img/instagram/`), git push, use raw GitHub URLs
2. Create carousel item containers
3. Create carousel container with caption
4. Publish
5. Get permalink
6. Cleanup hosted images + local temp files

This directs account and repository mutations, including public publishing, but does not state an explicit user approval, preview, account selection, or rollback gate before the post is made.

User impact: The agent could publish generated content publicly and change hosted repo files as part of the workflow.
Recommendation: Require a visible draft preview and explicit user confirmation before any git push, Instagram container creation, publish action, or cleanup.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
Find photos using `instagram-photo-find` workflow ...
python3 /Users/psy/.openclaw/workspace/skills/instagram-photo-text-overlay/scripts/overlay.py

The workflow depends on other local skills/scripts outside the provided artifact set, including a hardcoded user-specific path, so their provenance and behavior are not represented by this skill package.

User impact: The skill may fail or may run local helper code that the user has not reviewed as part of this package.
Recommendation: Review and install the referenced helper skills separately, avoid hardcoded personal paths, and declare these dependencies in the skill metadata.
Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
SKILL.md
TOPAZ_API_KEY=$(security find-generic-password -s "topaz-api-key" -w)

curl --request POST \
  --url https://api.topazlabs.com/image/v1/enhance

The skill documents shell commands that read Keychain data and call external APIs. This is purpose-aligned for Topaz enhancement, but users should be aware that, although the skill consists only of instructions, it still expects the agent to execute local commands.

User impact: Running the workflow can execute local commands and send selected images to the Topaz API.
Recommendation: Run only after confirming the commands, installed tools, input image paths, and API destination are expected.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
Keys from macOS Keychain:
- `instagram-access-token` — Graph API token
- `instagram-account-id` — IG user ID (17841449394591017)

## Topaz API Auth

- `topaz-api-key` — Topaz Labs API key (macOS Keychain)

The skill instructs use of local Keychain credentials for Instagram publishing and Topaz processing, while the registry metadata declares no primary credential or required environment variables.

User impact: Installing or invoking the skill may give the agent access to credentials that can use paid/provider APIs and publish to a specific Instagram account.
Recommendation: Only use this if you intend to grant those exact credentials; declare the credential requirements, limit token scopes, and verify the Instagram account ID before running.