Smarter Content
Pass. Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: smarter-content
Version: 1.1.0
The skill bundle contains significant command injection vulnerabilities in `scripts/content-generator.js` and `scripts/style-mimic.js` due to the use of `execSync` with unsanitized string interpolation for content and URLs. While these flaws allow for potential Remote Code Execution (RCE), the overall logic appears functional and aligned with the stated purpose of content generation and style analysis. No evidence of intentional data exfiltration, persistence, or malicious backdoors was found, placing it in the 'suspicious' category rather than 'malicious'.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the fact-check step runs on content containing shell syntax, commands could execute on the user’s machine with the agent’s permissions.
Generated article content is interpolated into a shell command. Escaping quotes does not prevent shell substitutions such as $() or backticks, so normal article text or attacker-influenced text could trigger local command execution.
const cmd = `node ai-fact-checker/scripts/fact-check.js ... ${content.replace(...)} ...`; const result = execSync(cmd, ...);
Replace shell-string execSync with execFile/spawn using an argument array, or call a reviewed fact-checker API directly. Do not pass article text through a shell.
Using the style-mimic feature with an untrusted or malformed URL could cause unintended local command execution or tool behavior.
The user-provided reference URL is embedded inside a shell-launched node command. If this path is runnable, a crafted URL can affect the shell command rather than being treated only as data.
const content = execSync(`node -e "... webFetch('${url}', { extractMode: 'markdown' }) ..."`, ...);
Do not wrap webFetch in a shell command. Pass the URL as data to a normal function call, validate allowed URL schemes, and avoid node -e for user-controlled inputs.
Fact-checking may fail, or the runtime may execute whatever local helper matches the expected path, making provenance unclear.
The skill describes an external fact-checker as optional but also relies on it for the automatic workflow; the supplied package does not include or pin that helper.
`ai-fact-checker` - used to automatically check factual accuracy after writing (recommended to install; optional but recommended)
Declare and pin external helpers, document exactly how they are installed, and avoid running relative-path helper scripts unless they are included and reviewed.
Users may over-trust generated articles and publish inaccurate content without independent review.
The documentation strongly implies factual accuracy is guaranteed, while the fact-checker is described elsewhere as optional and is implemented as a fallible helper.
Built-in SEO optimization + AI fact-checking guarantees accuracy
Treat fact-checking as assistance, not a guarantee, and manually verify important claims before publishing.
