ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Social Hook Generator

v1.0.0

Viral hook generator for social media posts. Generate 10+ scroll-stopping opening lines for X/Twitter, LinkedIn, TikTok, Instagram, and Threads optimized for...

0· 142·2 current·2 all-time
by@mguozhen

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mguozhen/social-hook-generator.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Social Hook Generator" (mguozhen/social-hook-generator) from ClawHub.
Skill page: https://clawhub.ai/mguozhen/social-hook-generator
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install social-hook-generator

ClawHub CLI

Package manager switcher

npx clawhub@latest install social-hook-generator
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill claims to be a 'viral hook generator' and the included analyze.sh implements that by constructing a prompt and asking a local OpenClaw agent to produce hooks — functionally coherent. However the registry metadata declares no required binaries or env vars, yet analyze.sh invokes the 'openclaw' CLI and 'python3'. The metadata omission is an inconsistency: the script legitimately needs those binaries to run.
Instruction Scope
SKILL.md and analyze.sh stay within the stated task (generate hooks, produce variations, A/B pairs, and platform adaptations). The script does not read unexpected files or environment variables. However it runs 'openclaw agent --local ...' which hands the user's input (the topic/platform) and a crafted prompt to another program; that program may perform network calls or use credentials not visible here, so there's an indirect data flow to review.
Install Mechanism
There is no install spec (instruction-only plus a shell script), so nothing is automatically downloaded or written during install. That is lower risk. The risk comes from runtime requirements (external binaries) rather than installation.
!
Credentials
The skill declares no required credentials or env vars, which would be appropriate for a simple generator. But because analyze.sh invokes the 'openclaw' CLI, any credentials or configuration that CLI uses (API keys, agent tokens, telemetry settings) are implicitly in-scope even though not disclosed. Additionally the script uses python3 but that is not declared. The absence of declared runtime dependencies and potential indirect use of agent credentials is disproportionate to what's documented.
Persistence & Privilege
The skill is not marked always:true, does not attempt to modify other skills or system config, and appears to only run a single local command at invocation. No persistent or elevated privileges are requested by the skill itself.
What to consider before installing
This skill appears to do what it says (generate social-media hooks), but there are important metadata inconsistencies you should resolve before using it widely. The analyze.sh script calls the 'openclaw' CLI and 'python3' at runtime even though the skill metadata lists no required binaries — ask the author to update metadata to declare these dependencies. Before running the script, verify where the 'openclaw' binary comes from and whether it will send your input to any remote service or reuse agent credentials (it may read local agent config or network). If you cannot confirm that, run the script in a sandboxed environment or inspect/run it manually with safe inputs. If you plan to install/use this in a production environment, request an updated package that declares required binaries (openclaw, python3) and documents any network/telemetry behavior; otherwise treat this skill with caution.

Like a lobster shell, security has layers — review code before you run it.

latestvk97beasn5h0f3eyj286nnvd7c583fqk2
142downloads
0stars
1versions
Updated 1mo ago
v1.0.0
MIT-0
@mguozhen
latest
Download

Social Hook Generator

Generate scroll-stopping hooks for any platform, topic, and audience in seconds.

Usage

hook: write hooks for a post about email marketing tips
viral hook: LinkedIn post about remote work productivity
hook generator: TikTok about AI tools for small business
scroll stop: Instagram reel about sustainable fashion

What You Get

  1. 10 Hook Variations — different styles (question, bold claim, story, data, controversy)
  2. Platform-Optimized — tailored to X, LinkedIn, TikTok, Instagram, Threads
  3. Emotion Triggers — curiosity, FOMO, surprise, relatability, aspiration
  4. A/B Test Pairs — top 3 hooks paired for split testing
  5. Hook Scoring — rated by predicted CTR and scroll-stop power
  6. Customization Tips — how to make each hook your own

Comments

Loading comments...