ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Wordpress Auto Publish Clean

v1.0.0

Automatically publish Markdown articles to WordPress blog via REST API

0· 58·0 current·0 all-time
by@rainco2008

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for rainco2008/test-wp.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Wordpress Auto Publish Clean" (rainco2008/test-wp) from ClawHub.
Skill page: https://clawhub.ai/rainco2008/test-wp
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install test-wp

ClawHub CLI

Package manager switcher

npx clawhub@latest install test-wp
Security Scan
Capability signals
Requires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the included files: numerous Node scripts perform REST API publishes, media uploads, category/tag management, JWT and app-password flows. That capability is coherent with the stated purpose. However, the skill metadata declares no required env vars or primary credential while the code and README clearly expect WordPress credentials (application password or username/password/JWT) configured in config.js or via environment variables—this mismatch is unexpected.
Instruction Scope
SKILL.md and README instruct running tests, publish scripts, and included setup scripts (e.g., scripts/setup-wordpress.sh, install-jwt-complete.sh). The instructions focus on WordPress integration and do not request unrelated system data, but they do instruct execution of bundled shell scripts and many helper scripts that could modify a WordPress host or perform network calls. The guidance to 'review full source' is good, but running setup scripts without inspection could have side effects.
Install Mechanism
There is no install spec (instruction-only), which is lower risk than fetching arbitrary remote binaries. The repository contains many scripts that would be executed locally by the user. No remote download/install steps are declared in the skill metadata itself.
!
Credentials
Metadata lists no required environment variables or primary credential, but the code and README expect WORDPRESS_URL, WORDPRESS_USERNAME, WORDPRESS_PASSWORD (or app password / JWT credentials) and a config.js. Requiring admin credentials for a WordPress site is appropriate for this functionality, but the metadata omission is a mismatch and could mislead users. The number of sensitive values implied (username/password, app passwords, JWT secrets) is proportionate to the task, but must be explicitly declared and handled carefully.
Persistence & Privilege
The skill does not request always: true and does not claim system-wide persistence. It writes logs and can create local files (reports, logs) but does not request elevated agent privileges. Autonomy (model invocation) is enabled by default but not unusual; it is not combined with always:true or broad undeclared credential access.
What to consider before installing
This package appears to do what it says (publish Markdown to WordPress), but there are important caveats: 1) The skill metadata does not declare the WordPress credentials it actually requires—expect to supply WORDPRESS_URL and either an application password or credentials (or configure config.js). 2) Review any shell scripts (scripts/setup-wordpress.sh, install-jwt-complete.sh, etc.) before running them — they may attempt changes on the target server or assume you run them on the WordPress host. 3) Do not provide site admin credentials to the skill unless you trust the code: create a dedicated user with the minimal permissions needed and prefer WordPress application passwords (not your main login password). 4) If you will run scripts on a machine you control, inspect them locally first and run npm install only after reviewing package.json. 5) If you need help assessing specific files (e.g., setup scripts or any file that touches remote endpoints), share those files and I can analyze them line-by-line.
simple-publish.js:21
Environment variable access combined with network send.
!
image-manager-demo.js:89
File read combined with network send (possible exfiltration).
!
image-manager.js:128
File read combined with network send (possible exfiltration).
!
image-upload-test.js:176
File read combined with network send (possible exfiltration).
!
wordpress-api.js:155
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk9721hn61ten24882vfqgjstf18514vz
58downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@rainco2008
latest
Download

WordPress Auto-Publish Skill

Automatically publish Markdown articles to WordPress blog. Supports REST API publishing, batch processing, draft management, category and tag management.

Features

  • Publish Markdown articles to WordPress via REST API
  • Batch publishing support
  • Draft and published status management
  • Category and tag management
  • Featured image upload support

Comments

Loading comments...