v0.1.0

DeviantArt Post

SuspiciousClawScan verdict for this skill. Analyzed Apr 30, 2026, 11:11 AM.

Analysis

The skill mostly matches its DeviantArt posting purpose, but it stores reusable account tokens and includes risky PowerShell wrapper commands for files that are not included.

Guidance: Before installing, confirm you are comfortable granting DeviantArt OAuth posting permissions and storing tokens locally. Prefer the included Python commands, avoid the documented PowerShell wrapper commands unless reviewed wrapper files are actually present, and manually review every post before approving publication.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
scripts/deviantart_post_art.py
publish_resp = api_post_form("stash/publish", publish_payload)

The skill can perform an external account-write action by publishing content to DeviantArt. This matches the stated purpose, and SKILL.md requires confirmation before posting, but users should notice the write capability.

User impact: If invoked with the wrong content or metadata, the skill can publish unwanted material to the user's DeviantArt account.
Recommendation: Only approve a post after reviewing the exact file, title, body, maturity settings, tags, and destination.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
powershell -ExecutionPolicy Bypass -File .\skills\deviantart-post\scripts\deviantart_post.ps1

SKILL.md references PowerShell wrapper scripts, but the provided manifest only includes Python files and no .ps1 wrappers. That leaves an unreviewed, missing helper path for a command the user is told to run.

User impact: A user may try to run a wrapper script that is not part of the reviewed artifact set, increasing the chance of failure or of running an unintended local file.
Recommendation: Use the included Python scripts directly unless the PowerShell wrappers are added to the package and reviewed.

Unexpected Code Execution
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
powershell -ExecutionPolicy Bypass -File .\skills\deviantart-post\scripts\deviantart_post_journal.ps1

The instructions recommend bypassing PowerShell execution policy for optional wrapper scripts that are not included. This code-execution path is unnecessary because direct Python commands are already provided.

User impact: Bypassing execution policy can reduce local script protections and may run unreviewed code if a similarly named file exists or is added later.
Recommendation: Remove the PowerShell bypass wrapper instructions, or include and review the wrapper scripts and avoid ExecutionPolicy Bypass where possible.

Human-Agent Trust Exploitation
Severity: Low | Confidence: Medium | Status: Note
scripts/deviantart_post_art.py
p.add_argument("--location-tag", default=None)
    return p
...
    if args.dry_run:

The script contains logic that checks args.dry_run, while the parser shown does not define a --dry-run argument. SKILL.md presents dry-run as a preview safety option, so this inconsistency can undermine user expectations: a run intended as a preview would fail on the unknown flag rather than previewing.

User impact: A user may believe the artwork script has a working preview mode when the provided parser does not appear to expose that flag.
Recommendation: Fix the CLI parser to include the advertised dry-run option, or remove the dry-run claim until implemented.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Add `user.manage` when journals or statuses are needed.

The skill may request an OAuth scope that allows journal/status management. This is purpose-aligned and disclosed, but it is still meaningful account authority.

User impact: The OAuth token may allow posting or managing content on the user's DeviantArt account, depending on granted scopes.
Recommendation: Grant only the scopes needed for the task, and revoke the DeviantArt app if you no longer use the skill.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
scripts/deviantart_common.py
TOKEN_PATH = Path(os.environ.get("DEVIANTART_TOKEN_PATH", DEFAULT_OPENCLAW_DIR / "deviantart-token.json"))

The skill stores and reuses a local OAuth token file. This is needed for the OAuth workflow, but it is persistent sensitive state that could be reused across tasks or affected by local file changes.

User impact: Anyone or anything with access to the token file may be able to reuse DeviantArt account access until the token expires or is revoked.
Recommendation: Keep ~/.openclaw private, avoid sharing token files, and revoke/re-authorize tokens if the file may have been exposed.