ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Open Source Marketing Playbook

v1.1.2

Turn your OSS project into a developer magnet — from first commit to 10k+ GitHub stars. Proven by AFFiNE's 33k-star growth in 18 months. Covers launch SOPs,...

0· 160·0 current·0 all-time
by@gingiris

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for gingiris/open-source-marketing-playbook.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Open Source Marketing Playbook" (gingiris/open-source-marketing-playbook) from ClawHub.
Skill page: https://clawhub.ai/gingiris/open-source-marketing-playbook
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install open-source-marketing-playbook

ClawHub CLI

Package manager switcher

npx clawhub@latest install open-source-marketing-playbook
Security Scan
Capability signals
CryptoCan make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description (OSS marketing playbook) matches the included files and the SKILL.md: all material is documentation and templates for launching and promoting open-source projects. There are no unexpected binaries, env vars, or install steps required by the skill itself.
!
Instruction Scope
SKILL.md and reference documents go beyond benign guidance: they explicitly instruct using high‑karma accounts, soliciting upvotes, paid KOL 'quote bombardment', automation tools (Phantombuster, Opencord.ai, Sheet0), scraping follower lists, and coordinated mass posting/upvoting. Those are operational actions that (a) may violate platform terms, (b) require third‑party credentials and access, and (c) enable large‑scale behavior the skill itself does not declare or request.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest technical installation risk. Nothing will be downloaded or executed by the skill package itself.
!
Credentials
The skill declares no environment variables or credentials, yet many recommended tactics implicitly require accounts, tokens, or paid service credentials (Phantombuster, newsletter vendors, KOL payment flows, IndexNow key in examples). That mismatch (no declared credentials but clear operational need) means a user or agent following instructions will need to supply sensitive secrets outside of the skill’s manifest—therefore the skill could lead to credential use/exposure without warning.
Persistence & Privilege
always:false and no installs — the skill does not demand persistent presence. Model invocation is allowed (platform default). While autonomous invocation alone is not a red flag, combined with the aggressive automation instructions the agent could be prompted to perform repeated external actions if allowed to run without human oversight.
What to consider before installing
This is a genuine-looking marketing playbook (templates, channel lists, SOPs). However, it recommends tactics that can violate platform terms (coordinated upvoting, astroturfing, scraping followers, automated DMs/comments) and that require third‑party credentials or paid services. Before using or allowing an agent to act on this: (1) verify the author/source and prefer materials from known/public homepages, (2) do NOT follow instructions that encourage buying engagement or using high‑karma sockpuppet accounts, (3) avoid automation tools that require OAuth/API tokens unless you understand where tokens are stored and who can access them, (4) ensure any outreach follows platform ToS and privacy laws (spam/consent concerns), and (5) if you let an agent act, require explicit human approval for actions that send messages, post, or use external services. If you want only the benign parts (readme/SEO/templates), extract those and ignore the coordination/automation tactics.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c8b1xyp6twjrmr5h84qvsw585593b
160downloads
0stars
4versions
Updated 1w ago
v1.1.2
MIT-0
@gingiris
latest
Download

开源项目发布整合营销行动手册

🌍 Language / 语言: 中文 | English | 日本語 | 한국어

中文版

版本:5.0 (最终版) | 作者:Iris (生姜iris)

核心理念

开源的本质是,请 developer 贡献爱(就是影响力),请 to B 客户贡献钱💰。开源这个 action 经过 SOP 的运营可以转化几百几千 star,带来很多 SMB 的 leads。准备好商业模式再开源,才能承接住开源这个 action 带来的流量,避免浪费。

总体时间线

阶段时间节点核心任务
战略规划T-4周定位、价值主张、商业模式
资产准备T-3周GitHub Readme、官网、PR稿、文档
渠道准备T-2周KOL建联、Reddit账号、群组整理
团队分工T-1周预算审批、任务分配、沟通机制
发布冲刺T-3天文案确认、自动化设置、最终检查
🚀 发布日T-0多渠道集中曝光,触发流量飞轮
持续运营T+1~T+7每日100+ Star,KOL Quote轰炸

详细指南(中文)

主题文件
发布前准备 SOPreferences/preparation.md
发布日执行清单references/launch-day.md
发布后运营references/post-launch.md
KOL 合作清单references/kol-list.md
渠道资源清单references/channels.md
文案模板references/templates.md

Quick Navigation (All Languages)

🇨🇳 中文🇺🇸 English🇯🇵 日本語🇰🇷 한국어
发布准备Preparation準備段階준비 단계
发布日Launch Dayローンチ日런칭일
发布后运营Post-Launchローンチ後런칭 후
KOL清单KOL ListKOLリストKOL 목록
渠道资源Channelsチャネル채널
文案模板Templatesテンプレート템플릿

核心目标

指标目标
发布日 Star500+
首周 Star1,000+
每日新增 Star≥100(T+1 至 T+7)
KOL Quote100-150 个(5天内)
Reddit 发帖每天 3-5 个 Subreddit
群组分发每天 50-100 个群组

🔍 SEO & GEO 优化

让开源项目在搜索引擎和 AI 搜索中持续被开发者发现

开源项目的流量来源不仅是 GitHub,还有 Google/Bing 搜索和 AI 搜索(ChatGPT 推荐工具时会引用你的文档):

主题说明
SEO/GEO 指南GitHub README 优化、官网 SEO、IndexNow、AI 引用优化

核心要点:

  • GitHub Description + Topics 优化,提升 GitHub 搜索排名
  • README 结构化 + 关键词,便于 AI 提取
  • 官网实施 IndexNow,新版本发布秒级索引
  • 创建 vs 竞品对比页,获取长尾流量

Comments

Loading comments...