Skill v1.0.0
ClawScan security
Google Blogger · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 9:20 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, instructions, and requested access are coherent with a Blogger CLI that uses Google OAuth and local HTML/post metadata for publishing — no unrelated credentials, obscure network endpoints, or unusual install steps were found.
- Guidance: This skill appears to do what it says: manage Blogger via Google OAuth and local HTML/metadata. Before installing or running it, review these points: (1) OAuth: you must create/download Google OAuth client credentials, and the tool will save access/refresh tokens to ~/.config/gblog/token.json — treat that file as sensitive. (2) Local files: bulk/auto-publish scripts read and may update files under ~/.openclaw/workspace/... (posts.json and HTML files) and can modify posts.json if you use the --update-json option — back up those files beforehand. (3) Inspect scripts: the repository is bundled with Python scripts; if you don't trust the source, review them (notably gblog.py implements auth and API calls). (4) Least privilege: create an OAuth client with appropriate scopes and use it only for the blog/account you intend to manage. (5) Minor documentation mismatch: SKILL.md/README mention scripts like auth.py/blogger_api.py while the provided main script is gblog.py (the functionality is present but the filenames differ) — this is likely benign but worth noting. If you want stronger assurance, run the scripts in a sandboxed environment or inspect the files line by line before running authentication or publish commands.
Review Dimensions
- Purpose & Capability (ok): Name/description (Blogger CLI) align with the code and SKILL.md: the scripts call the Blogger API, implement OAuth flows, list/edit/post/delete posts, and include bulk-publish/monitoring tools. The included scripts operate on local HTML and posts.json files (used for bulk publishing), which is reasonable for a tool that publishes local content to Blogger.
- Instruction Scope (note): Runtime instructions ask the user to place Google OAuth credentials at ~/.config/gblog/credentials.json and run `gblog auth`; the scripts will read/write ~/.config/gblog/token.json and a monitor state file, and several helper scripts read/write files under ~/.openclaw/workspace/... (posts.json, HTML files). This file I/O is consistent with the bulk-publish and generation features, but it means the skill will access and modify local blog content/metadata — users should expect that.
- Install Mechanism (ok): No install spec is provided (instruction-only skill with bundled Python scripts). No external arbitrary downloads or extract-from-URL installs were detected. There are optional Python dependencies (the README suggests `pip install youtube-transcript-api`), but nothing in the manifest indicates hidden installers or remote code fetches.
- Credentials (ok): The skill does not request unrelated environment credentials. It optionally uses environment variables (GBLOG_CREDENTIALS_PATH, GBLOG_TOKEN_PATH, GBLOG_DEFAULT_BLOG_ID) for convenience; the primary authentication is via Google OAuth stored in local credential/token JSON files. No AWS or other service secrets are requested.
- Persistence & Privilege (ok): The skill persists tokens and state under ~/.config/gblog (token.json, monitor_state.json), which is expected for an OAuth CLI. `always:false` is set and no other elevated privileges are requested; the skill does not modify other skills or system-wide agent settings.
