ghost-blog-writer

Review

Audited by ClawScan on May 13, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.

Install only if you are comfortable giving the agent a Ghost Admin API key for the target site. Prefer draft mode first, review the generated article manually, and only use --publish or --publish-at when you intentionally want the post to go live or be scheduled. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked with publishing flags, the agent can make content public or schedule it on the user's Ghost site.

Why it was flagged

The skill can mutate a Ghost CMS account by creating, publishing, or scheduling posts. This is purpose-aligned and has a draft default, but users should notice the high-impact publishing flags.

Skill content

Default state is **draft** — the post lands in Ghost admin for human review before going live, unless `--publish` or `--publish-at` is passed.

Recommendation

Use the default draft mode for review unless you intentionally want live publishing, and verify the final post before using --publish or --publish-at.

What this means

Anyone or any agent with this key may be able to create or publish content through the Ghost integration.

Why it was flagged

The skill requires a Ghost Admin API key to authenticate and post to the Admin API. This is expected for the stated purpose, but it is sensitive account authority.

Skill content

`GHOST_ADMIN_KEY` | Integration -> **Admin API Key** | `<24-hex>:<64-hex>` combined

Recommendation

Use a dedicated Ghost integration key, keep it out of source control, avoid sharing logs or prompts containing it, and rotate it if exposed.

What this means

A user relying only on registry metadata could miss that the skill needs a sensitive Ghost Admin API key.

Why it was flagged

The registry metadata under-declares the credential and environment-variable requirement, even though SKILL.md discloses it clearly.

Skill content

metadata: "Required env vars: none ... Primary credential: none"; SKILL.md: "Two values are required... `GHOST_URL` ... `GHOST_ADMIN_KEY`"

Recommendation

Treat GHOST_ADMIN_KEY as a required sensitive credential before enabling the skill, despite the registry metadata not listing it.