Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AI Instagram Auto Poster
v1.0.7
Automate creation and direct posting of promotional images to Instagram Business accounts using the Meta Graph API, without third-party schedulers or paid tools.
⭐ 0 · 67 · 0 current · 0 all-time
by Pawan Shekhawat (@pawanshekhawat)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals: these labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (auto-posting to Instagram Business) align with the bundled scripts: an image generator, a Cloudinary uploader, a website scraper, and an Instagram poster. However, the registry metadata lists no required environment variables or primary credential, while SKILL.md and the code require IG_ACCESS_TOKEN, IG_BUSINESS_ACCOUNT_ID, CLOUDINARY_CLOUD_NAME, and CLOUDINARY_UPLOAD_PRESET — a mismatch that could lead to unexpected runtime failures or misconfiguration.
Instruction Scope
SKILL.md and the scripts keep to the stated pipeline (optional public website scrape → image generation → Cloudinary upload → Graph API publish). The scraper accepts a user-provided public URL and extracts the title, meta tags, H1, paragraph text, and public contact patterns; the code implements several SSRF protections (scheme checks, DNS resolution to ensure the target resolves to a public IP, redirect blocking, TLS verification). Still, the scraper will extract and return any publicly exposed emails and phone numbers from a site. That is expected for the feature, but be aware of it if you inadvertently pass URLs to pages containing sensitive information or PII.
Install Mechanism
This is an instruction-driven skill bundled with Python scripts (no installer). No external or arbitrary downloads are used. The only non-stdlib runtime dependency is Pillow (documented). No code is fetched from third-party URLs during install.
Credentials
The environment variables required by the pipeline (IG_ACCESS_TOKEN, IG_BUSINESS_ACCOUNT_ID, CLOUDINARY_CLOUD_NAME, CLOUDINARY_UPLOAD_PRESET) are appropriate for the stated functionality, but they are not reflected in the registry 'Required env vars' metadata — an inconsistency. A Cloudinary upload preset can be unsigned and therefore publicly writable; SKILL.md warns about this, but if you use an unsigned preset your uploads could be exposed or abused. The number and type of secrets requested is otherwise proportionate to the task (Instagram tokens and Cloudinary settings).
Persistence & Privilege
The skill is not set to always:true and does not modify other skills or system-wide configuration. According to the code and SKILL.md, the scripts read environment variables at runtime and do not persist tokens or store them externally.
What to consider before installing
This package is mostly coherent with its stated purpose, but there are a few things to check before using it:
- Configuration mismatch: The registry metadata claims no required env vars, but the SKILL.md and scripts require IG_ACCESS_TOKEN, IG_BUSINESS_ACCOUNT_ID, CLOUDINARY_CLOUD_NAME, and CLOUDINARY_UPLOAD_PRESET. Make sure you set those environment variables before running.
- Use least-privilege/test tokens: For Meta/Instagram, create and test with a Page access token tied to a test Page or app with only the minimum required permissions (instagram_content_publish, pages_read_engagement). Do not use owner/root or long-lived tokens for initial testing.
- Protect Cloudinary uploads: Prefer signed upload presets or restrict unsigned presets by folder/origin in your Cloudinary dashboard. Unsigned presets can allow public uploads and could expose your images or be abused.
- Scraper safety: Only provide public, trusted URLs. The scraper enforces SSRF protections (DNS checks, redirect blocking, TLS verification), but it will extract publicly visible emails and phone numbers from a page; do not supply URLs that expose PII you do not want handled.
- Review and run locally first: Because the package is instruction-driven with bundled scripts, inspect the code (you have it) and run it in an isolated environment before granting access in production. Confirm the scripts behave as you expect (e.g., the Instagram publish flow using your tokens).
If these concerns are acceptable and you follow the hardening advice (signed Cloudinary preset, least-privilege test token, avoid private URLs), the skill appears to implement the functionality it advertises. If the registry metadata were corrected to list the required env vars, the coherence would improve.
Tags: ai, automation, autopost, content-generation, instagram, latest, marketing, meta-api, social-media
