Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Svg Article Illustrator
v1.0.5 AI-driven SVG article illustration generator supporting three output modes: dynamic SVG, static SVG, and PNG export. Use this skill when the user needs illustrations generated for an article, wants SVG illustrations created or SVG converted to PNG, or mentions "illustrate the article" or "generate illustrations".
⭐ 0 · 104 · 1 current · 1 all-time
by xierluo@cat-xierluo
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description, embedded SVG workflow, and included assets (templates, many example SVGs) align with an article-illustration generator. The optional png-export mode correctly documents Node/puppeteer as a dependency (in references). No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to read the source Markdown, embed SVG code directly into the Markdown (default), save external SVG/PNG files for png-export, and archive extracted SVGs into .claude/skills/svg-article-illustrator/archive/.... Writing files to the local workspace and extracting article content for archival is coherent for this skill but has privacy implications. The doc also specifies spawning multiple Task Agents for parallel generation when ≥8 images are needed; this increases the amount of activity the skill generates and is acceptable for its purpose, but should be monitored.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. Two script files are included (scripts/archive.sh and scripts/svg2png.js) that will be used at runtime; because no install downloads arbitrary code at install time, install risk is low — but the scripts themselves need inspection (they may run Node/puppeteer).
Credentials
The skill does not request environment variables, credentials, or config paths. The documented optional dependency on Node/puppeteer for PNG export is proportional to that feature and is only required for png-export.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill writes an archive directory into .claude/skills/... on each run; that persistent storage is within scope for an archiving feature but could accumulate sensitive article content over time. The skill's documented ability to spawn multiple Task Agents increases the blast radius if the skill were malicious, and autonomous invocation stays disabled only if the platform enforces always:false; neither point is an immediate red flag on its own.
Scan Findings in Context
[unicode-control-chars] unexpected: The SKILL.md contained Unicode control characters flagged by the pre-scan. This can be a sign of prompt-injection attempts (hidden characters used to influence model parsing) or accidental/formatting artifacts. Because the skill's runtime behavior is driven by SKILL.md instructions, hidden characters should be removed or examined; treat this as suspicious until explained.
What to consider before installing
What to check before installing or using this skill:
1) Inspect the two included scripts (scripts/svg2png.js and scripts/archive.sh) for any network calls, remote downloads, or unexpected file operations. Ensure svg2png.js only invokes Puppeteer locally and does not fetch remote code or exfiltrate files.
2) Review SKILL.md for any hidden/Unicode-control characters (the scanner flagged them). Hidden characters can manipulate parsing or evaluation — remove them or ask the author for a clean copy.
3) Be aware the skill will modify your article files (embed <svg> directly into Markdown) and will create an archive at .claude/skills/svg-article-illustrator/archive/… — if that is undesirable for privacy or repo hygiene, either disable archiving or run the skill in a sandboxed workspace.
4) If you plan to use png-export, only enable Node/puppeteer in an environment you trust; verify puppeteer version and that no unusual launch args or remote debugging ports are used.
5) Monitor behavior the first few runs (file writes, spawned agents/processes). The multi-agent parallel generation increases activity; if you see unexpected outbound network traffic or attempts to access unrelated files, stop and remove the skill.
If you want, I can (a) summarize or diff the two script files for risky patterns, (b) scan SKILL.md for invisible characters and show them, or (c) list the exact file-write paths the skill will use so you can create safe sandbox rules.
latest: vk97976zajpd6xke7b007yg7czx83herp
