Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Article To Html

v1.0.0

Article to infographic: converts articles or notes into phone-readable HTML infographics and automatically matches the visual style. Trigger scenarios: convert an article to an image, convert notes to an image, make an infographic, convert to a Xiaohongshu image, make an image, visualize this article, text-to-image.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign (view report →)
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description, templates, rules, and output HTML files all align with converting articles to phone-ready HTML infographics. However, the docs claim "all styles inline, no external dependencies" while several example outputs include @import(...) from Google Fonts — this contradicts the "self-contained" claim and is unexpected given the stated promise.
Instruction Scope
SKILL.md requires a mandatory post-processing step: bash ~/.openclaw/skills/article-to-html/scripts/post-process.sh <html文件>. The package includes two local scripts (post-process.sh and fix-html.js). A skill that mandates executing a shell script during runtime expands its privileges and can perform arbitrary file/network/system actions; the script contents were not provided in the runtime instructions excerpt, so the exact behavior (network calls, file writes, command execution) cannot be verified. The workflow also references invoking Chrome for screenshots if configured, which is reasonable, but the forced execution of an included shell script is a risk and should be reviewed.
Install Mechanism
There is no install spec (instruction-only), which minimizes remote code fetching risks. However, the skill ships with local scripts that the agent will execute; because there is no install step, the files are expected to already live in ~/.openclaw/skills/article-to-html and will be run directly. That is a lower-distribution risk than downloading code at runtime, but running local shell/Node scripts remains sensitive and should be audited.
Credentials
The skill requests no environment variables, credentials, or config paths — appropriate for its purpose. Caveat: example outputs embed external font imports (Google Fonts). Rendering or previewing these HTML files may cause the host environment to make outbound requests to Google, which can leak metadata (IP, referrer, timing) about when/what was rendered. Also some template output includes references to other projects (harmless-looking), but the primary risk is network fetches from fonts/CSS when opening the files.
Persistence & Privilege
always:false, and there are no declared attempts to modify other skills or system-wide settings. The skill does instruct writing generated HTML files to the working directory and running its own post-process script, which may modify those files, but this is within the skill's scope and not a platform-level privilege escalation.
What to consider before installing
This skill appears to do what it says (generate HTML infographics), but there are two things to verify before installing/using it:
(1) Mandatory script execution — SKILL.md forces running scripts/post-process.sh (which calls scripts/fix-html.js). Open and read those scripts first to confirm they only modify the generated HTML/CSS and do not perform unexpected network calls, shelling out, or credential access. If you can't read them, treat execution as risky.
(2) "Self-contained" mismatch — example outputs import Google Fonts; opening rendered HTML will cause outbound requests to Google (possible metadata leak). If you need truly offline/self-contained output, remove external @import lines or host fonts locally.
Recommended safe steps: review the two scripts line by line, run the skill in an isolated/sandboxed environment, and ensure your workflow does not expose sensitive content (private notes, credentials) to an environment that will make external network requests.

