ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Topic to Article Kit

v1.0.5

Turn a chosen AI topic into a public-account writing package: collect evidence from X/Twitter and other sources, extract high-value comments, and produce title options + structured outline written into Obsidian. Use when user asks for topic-based research and article prep.

1· 1.6k·7 current·7 all-time
by@rotbit

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for rotbit/topic-to-article-kit.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Topic to Article Kit" (rotbit/topic-to-article-kit) from ClawHub.
Skill page: https://clawhub.ai/rotbit/topic-to-article-kit
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install rotbit/topic-to-article-kit

ClawHub CLI

Package manager switcher

npx clawhub@latest install topic-to-article-kit
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The declared purpose (collect web evidence and produce Obsidian notes) matches the behavior in SKILL.md, however the skill instructs the agent to write directly into the user's real Obsidian vault using absolute paths and to verify files there. The metadata did not declare any required config paths, permissions, or environment variables to justify direct filesystem access. Requesting write/read access to arbitrary user vault paths is a disproportionate capability relative to the simple research/outline purpose without explicit permission or path declaration.
!
Instruction Scope
SKILL.md explicitly tells the agent to: (a) collect evidence from web sources (x.com, HN, TechCrunch, GitHub), (b) extract high-value comments, (c) control browser tabs (open/close, limit to 7), and (d) Always write to the real Obsidian Vault visible directory (absolute path) and verify files exist there. These file-system and browser-control instructions go beyond content generation and require runtime access to the user's filesystem and browser tooling. The directive to always write to the user's real vault (never the workspace mirror) is particularly risky and is not constrained or clarified.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so there is no installation risk. Nothing will be written to disk by an installer, but the runtime instructions themselves request filesystem writes.
!
Credentials
The skill declares no required env vars or config paths, yet its instructions require writing to and verifying files in the user's Obsidian vault (absolute paths). That is a mismatch: either the skill should declare the config path permission or request explicit path input from the user. Also, controlling the browser implies use of tooling that may have access to session data; none of this is reflected in the declared requirements.
!
Persistence & Privilege
always is false (good), and autonomous invocation is allowed by default. But combined with instructions to access the user's filesystem and control browser tabs, autonomous invocation increases the blast radius: the agent could autonomously read/write files and browse sites unless the platform enforces prompts. The skill does not request or document safeguards like explicit user confirmation before file writes.
What to consider before installing
This skill appears to do what it says (collect web evidence and write Obsidian notes) but its instructions require direct writes to your real Obsidian vault and browser control while the metadata declares no filesystem/config permissions. Before installing or invoking it, consider: 1) Ask the skill author (or require the agent) to prompt you for the exact absolute vault path on every run rather than using a default. 2) Require an explicit user confirmation before any file write, and request a preview of proposed file names/contents. 3) Run it first in a sandbox or against a workspace mirror copy of your vault to confirm behavior and avoid accidental overwrites. 4) Back up your Obsidian vault before use. 5) If you don't want the agent to control your real browser, restrict it to a browser automation environment or disable autonomous invocation. 6) If possible, require the skill to declare any config paths or tools it needs (e.g., browser automation hooks) so you can reason about permissions. These steps reduce the risk of accidental data writes or unintended data exposure.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cqrexmg3fse06986ybx3yn180x29r
1.6kdownloads
1stars
6versions
Updated 13h ago
v1.0.5
MIT-0
@rotbit
latest
Download

Topic to Article Kit

  1. Input: user-selected topic (or propose topic candidates).
  2. Collect evidence from:
    • X/Twitter official pages first (x.com profile/search/status), then other public sources as supplement
    • HN / TechCrunch / GitHub / other public sources
  3. Collect X high-value comments (facts, counterpoints, implementation details).
  4. Build deliverables in Obsidian (minimal structure):
    • one folder per article: OpenClaw/项目/公众号写作/<日期_标题>/
    • 资料包.md(facts, data, links, comment excerpts)
    • 大纲.md(with inline citation markers to 资料包)
  5. Always write to the real Obsidian Vault visible directory first (absolute path under user's real vault), never workspace mirror paths.
  6. Before finishing, verify files exist in the real Obsidian visible directory and report that relative path to user.
  7. Keep output minimal and readable (no extra draft/final folders unless user asks).
  8. Control browser tabs like production workflow:
    • max 7 tabs at once
    • close finished tabs before opening new ones
    • close all temporary tabs at end (target 0)

Required output

  • 文章目录(按“日期_标题”命名)
  • 资料包.md(含来源链接和评论摘录)
  • 大纲.md(含可引用资料标注)
  • 5-10标题候选(写在大纲顶部)
  • X/Twitter 证据优先来自 x.com 官方页面(并在资料包注明链接)

Comments

Loading comments...