Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Multi Writing Skills Main

v1.0.0

Convert and publish Markdown articles with AI-assisted writing, formatting, and image generation for WeChat, Zhihu, and Toutiao platforms.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description (Markdown conversion, publishing to WeChat/Zhihu/Toutiao, AI writing, image generation) aligns with the repository contents: converter, platform adapters, AI/image providers, and CLI are present and coherent with the stated purpose.
Instruction Scope
SKILL.md and the CLI describe expected operations (convert, publish, generate images). The runtime code follows those instructions. However the code also reads configuration from the user's home directory (e.g., ~/.multi-writing-skills config, and ~/.openclaw/.env) and reads environment variables (WECHAT_APP_ID, WECHAT_APP_SECRET, ZHIHU_COOKIE, TOUTIAO_COOKIE, AI_API_KEY, etc.). That behavior is expected for a publishing tool but is not documented in the skill metadata — see environment_proportionality.
Install Mechanism
There is no install spec in the skill metadata (instruction-only), so nothing is downloaded during install. The repo includes Python code intended to be run by the CLI; no remote installers or opaque downloads were detected in the provided files.
Credentials
The skill metadata declares no required environment variables or primary credential, yet the code requires/reads multiple sensitive values (WeChat AppID/AppSecret, Zhihu and Toutiao cookies, AI provider API keys and base URLs). It also loads ~/.openclaw/.env if present. This mismatch (code needing secrets vs metadata claiming none) is a clear incoherence and could cause unexpected credential access or accidental credential exposure.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It will create/read configuration under the user's home (~/.multi-writing-skills) and may save credentials there when you run config init / config set. It does not appear to modify other skills or global agent settings.
What to consider before installing
This package appears to do what it says (convert and publish Markdown, call AI/image provider APIs), but the registry metadata incorrectly declares no required credentials while the code expects platform credentials and AI API keys and will read ~/.openclaw/.env and write config to ~/.multi-writing-skills. Before installing or running:
1) only use if you trust the author/source;
2) inspect/verify the code that handles credentials and network calls (platform publishers and AI/image providers);
3) be prepared to provide platform cookies/AppID & secrets and AI API keys — do not put high‑value credentials in a shared environment;
4) consider running in an isolated environment (VM/container) or create dedicated, limited‑privilege API keys/accounts;
5) ask the publisher to update the skill registry metadata to list required env vars (WeChat, Zhihu, Toutiao, AI keys) so the permission surface is explicit.
