Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

My goal is to support the community and continue creating more useful tools. If these automations prove to be very helpful to you, or if you see value in what I'm sharing, any donation, no matter how small, is welcome and will allow me to dedicate more time and resources to building new templates and contributing more solutions. https://donate.stripe.com/bJe6oGaaQ9JC1jf15gdwc01 Thank you for your interest, and I hope you find them very useful.

v0.1.0

When the user wants help creating, scheduling, or optimizing social media content for LinkedIn, Twitter/X, Instagram, TikTok, Facebook, or other platforms. Also use when the user mentions 'LinkedIn post,' 'Twitter thread,' 'social media,' 'content calendar,' 'social scheduling,' 'engagement,' or 'viral content.' This skill covers content creation, repurposing, and platform-specific strategies.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The SKILL.md repeatedly states the agent has "direct access to a scheduling platform that publishes to all major social networks." Yet the skill declares no required environment variables, no credentials, and no install mechanism for any scheduling service. That capability claim is unsupported by the rest of the package. Also the registry 'name' shown to the user appears to be a donation solicitation rather than a clear skill name, which is inconsistent and a social/metadata red flag.
Instruction Scope
The instructions themselves are focused on content strategy, templates, and platform-specific guidance — all within scope for a social content skill. The SKILL.md does not contain explicit API calls, shell commands, or instructions to read arbitrary files or system credentials. The main concern is the ambiguous claim of publishing/scheduling access: instructions imply publishing capability but do not specify how posting is performed or where credentials would come from.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That lowers risk because nothing is written to disk and there are no third-party packages to fetch. There is nothing in the install area that contradicts the stated functionality.
! Credentials
The skill requests no environment variables or credentials but claims the capability to publish content. For a scheduler integration you'd normally expect at least a platform API token, webhook URL, or an OAuth flow. The absence of any declared credential or configuration requirement is disproportionate to the publishing capability the SKILL.md describes.
Persistence & Privilege
The skill does not request always:true and makes no claims about modifying other skills or system-wide settings. It does not request persistent system presence or elevated privileges in its metadata.
What to consider before installing
This skill's content is useful for social media strategy, but two things don't add up: (1) the package metadata shown to users includes a donation solicitation as the displayed 'name', which is unusual and could be a sign of sloppy or deceptive packaging; and (2) the SKILL.md claims "direct access to a scheduling platform" but the skill declares no credentials, no install, and provides no details about which scheduling service or how posting/authentication is handled. Before installing or enabling this skill, ask the publisher for clarifications: which scheduling platform(s) does it integrate with, exactly how are credentials provided/stored (OAuth? API keys?), and whether the skill will actually publish on your behalf or only generate drafts. If you plan to let it post, prefer using test/staging social accounts and supply least-privilege credentials (revocable, posting-limited tokens) and confirm a clear privacy/data-handling policy. If the publisher cannot or will not provide integration details and a clear owner identity, avoid granting posting access.

Like a lobster shell, security has layers — review code before you run it.

ai-content, automation, content-creation, crypto, latest, marketing, social-media, twitter
