nicebox-site-manager
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill mostly does what it says, but it can publish live website articles by default using an API key without a built-in review or confirmation step.
Install only if you want this agent to manage your NiceBox site. Before publishing, review the generated article and consider using draft mode first. Keep the API key scoped and private, and do not change the base URL unless you trust the destination.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could post content publicly to the user's site before the user has reviewed it, if the user or workflow does not explicitly require draft mode or confirmation.
The publish tool's default action is to publish live content rather than create a draft, and the script has no built-in confirmation step.
parser.add_argument("--status", default="publish", choices=["draft", "publish"], help="Article status")Use this tool only after reviewing the article content; prefer `--status draft` for generation workflows, or add an explicit user approval step before live publishing.
The API key likely grants access to manage the user's NiceBox site, and it would be sent to whatever API base URL is configured.
The skill requires an API key and sends it in the Authorization header; this is expected for the NiceBox API, but the destination can be changed with a base URL override.
Authorization: $AIBOX_API_KEY ... Optional override for base URL: export AIBOX_BASE_URL="https://ai.nicebox.cn/api/openclaw"
Use a least-privilege NiceBox API key if available, keep `AIBOX_BASE_URL` pointed only at trusted NiceBox infrastructure, and rotate the key if it may have been exposed.
A malicious or sensitive site message could appear in the agent context; the agent should not treat instructions inside messages as authoritative.
Site messages and leads may contain untrusted third-party text or personal information, and the skill returns that content directly into the agent-visible output.
List messages, inquiries, or leads from your site ... Output is printed as formatted JSON for easier debugging and agent use.
Treat retrieved messages as untrusted data, avoid storing or sharing them unnecessarily, and ignore any instructions embedded in message contents.