Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Marketing Asset Generator
v1.0.0AI-powered marketing asset generation workflow. Combines DuckDuckGo design inspiration search, Gemini Nano Banana Pro image generation, Feishu Drive cloud st...
⭐ 0· 16·0 current·0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (marketing asset generation) align with the code and SKILL.md: it uses DuckDuckGo for inspiration, Google Gemini for image generation, Feishu Drive for storage, and Slack for notifications. The required binary (python3) and the Python dependencies match the stated purpose. However, the registry metadata at the top of the evaluation reports 'Required env vars: none' while SKILL.md and the code require multiple secrets (GEMINI_API_KEY, FEISHU_APP_ID, FEISHU_APP_SECRET, FEISHU_TARGET_FOLDER_TOKEN, SLACK_BOT_TOKEN, SLACK_TARGET_CHANNEL_ID). That discrepancy is an incoherence in the package metadata.
Instruction Scope
SKILL.md and the included Python file describe and implement only the advertised workflow: searching DuckDuckGo, calling the Google genai client, saving image files locally, uploading to Feishu via its API, and posting messages/files to Slack. The code reads environment variables (and .env via python-dotenv), writes generated images to the local working directory, and performs network requests to external APIs. There are no instructions to read unrelated local files, modify other skills, call arbitrary third-party endpoints, or exfiltrate broad system data.
Install Mechanism
The skill is instruction-only (no install spec) and includes a requirements.txt of typical public Python packages (python-dotenv, duckduckgo-search, google-genai, requests, requests-toolbelt, slack-sdk). No downloads from untrusted URLs or archive extracts are present. The install approach is standard for a Python package; risk is the usual dependency risk but nothing suspicious in the install mechanism itself.
Credentials
The environment variables referenced by SKILL.md and the code (Gemini key, Feishu app id/secret + folder token, Slack bot token + channel id, optional mention string) are proportionate to the described integrations. The main concern is the metadata inconsistency: registry-level metadata claims no required envs while the runtime instructions require multiple credentials. That mismatch could be an oversight, but it matters because users may be asked to supply high-privilege secrets without the registry signalling it.
Persistence & Privilege
The skill does not request permanent presence (always:false) and does not attempt to modify other skills or system-wide agent settings. It stores generated images locally and uploads them to Feishu, but does not persist credentials or change agent config. Autonomous invocation is enabled by platform default but not combined with other high-risk flags.
What to consider before installing
The skill's functionality (Gemini image generation → Feishu upload → Slack notify) matches its code, but the registry metadata omits the many required secrets listed in SKILL.md and used by the code. Before installing:
1) Do not paste production credentials directly. Create least-privilege API keys/service accounts for Gemini, a Feishu app with narrowly scoped upload permissions and a folder token limited to one target folder, and a Slack bot token carrying only the scopes the code needs (chat:write for chat.postMessage, files:write for file uploads).
2) Verify the skill's provenance (origin repository, maintainer identity), since the package source is 'unknown' in the registry.
3) Inspect the code yourself or in a sandboxed environment; run it with test/placeholder credentials first and confirm the only outbound hosts are the DuckDuckGo, Gemini, Feishu and Slack endpoints.
4) Confirm the registry metadata is corrected (required env vars declared) or get an explicit explanation from the author; the metadata mismatch is the main reason this is flagged as suspicious.
If the owner/metadata are verified and credentials are scoped appropriately, the code itself is consistent with the described purpose and the risk lowers.
Like a lobster shell, security has layers — review code before you run it.
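The check behind points 3 and 4 above, as an added example that is not part of the ClawHub scan or of the skill's own code: compare the environment variables a skill's source actually reads against the names its registry metadata declares, and flag the gap as an incoherence when the undeclared names look like credentials. The skill source below is constructed for the example (it reads the six variables the scan report lists, via os.environ / os.getenv, which is an assumption about the real file), the registry declaration is the page's "Required env vars: none", and the secret-name heuristic is this example's own convention.

```python
import re
from typing import Dict, Iterable, List, Set

# Constructed stand-in for the skill's Python file. It reads the six variables the
# scan report names, in the forms Python code commonly uses. The real file's layout
# is not on the page; this is an assumption for the example.
SAMPLE_SKILL_PY = '''
import os
from dotenv import load_dotenv

load_dotenv()  # merges .env into os.environ; the reads below still go through os.environ
GEMINI_API_KEY = os.environ["GEMINI_API_KEY"]
FEISHU_APP_ID = os.getenv("FEISHU_APP_ID")
FEISHU_APP_SECRET = os.environ.get("FEISHU_APP_SECRET")
FEISHU_FOLDER = os.getenv('FEISHU_TARGET_FOLDER_TOKEN')
SLACK_BOT_TOKEN = os.environ.get("SLACK_BOT_TOKEN")
SLACK_CHANNEL = os.environ.get("SLACK_TARGET_CHANNEL_ID")
'''

# What the registry card on this page declares: "Required env vars: none".
REGISTRY_DECLARED: List[str] = []

# os.environ["X"], os.environ.get("X") and os.getenv("X"); the name must be a
# string literal, which is the only case a static scan can resolve.
_ENV_READ = re.compile(
    r"""os\.(?:environ\.get|getenv|environ)\s*[\(\[]\s*['"]([A-Z][A-Z0-9_]*)['"]"""
)
# Heuristic (this example's own): names ending in these words hold credentials.
_SECRET_HINT = re.compile(r"(KEY|SECRET|TOKEN|PASSWORD)$")


def env_vars_read(sources: Iterable[str]) -> Set[str]:
    """Every environment variable name the given source texts read."""
    found: Set[str] = set()
    for text in sources:
        found.update(_ENV_READ.findall(text))
    return found


def metadata_gap(declared: Iterable[str], sources: Iterable[str]) -> Dict[str, Set[str]]:
    """Compare declared env vars with the ones the code reads."""
    used = env_vars_read(sources)
    declared_set = set(declared)
    undeclared = used - declared_set
    return {
        "undeclared": undeclared,
        "undeclared_secrets": {v for v in undeclared if _SECRET_HINT.search(v)},
        "declared_unused": declared_set - used,
    }


def is_incoherent(gap: Dict[str, Set[str]]) -> bool:
    """The scan's reasoning: credentials read by the code but absent from the
    registry declaration are a metadata incoherence worth blocking on."""
    return bool(gap["undeclared_secrets"])


if __name__ == "__main__":
    gap = metadata_gap(REGISTRY_DECLARED, [SAMPLE_SKILL_PY])
    for key in ("undeclared", "undeclared_secrets", "declared_unused"):
        print(f"{key}: {sorted(gap[key])}")
    print("verdict:", "incoherent metadata" if is_incoherent(gap) else "metadata consistent")
```

Run it over the extracted skill directory by reading each .py file into the sources list; once the author declares the six names in the registry metadata, undeclared becomes empty and the verdict flips to consistent, which is the condition point 4 asks for.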
latest vk97dp6b3ae4x9ra5b16xgj7bt184eb6z
Runtime requirements
Bins: python3
