Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Judy Marketing
v1.0.0
Judy's dedicated marketing skill pack. Integrates lead mining, outreach, content creation, and marketing strategy. Assigned to Agent Judy.
⭐ 0· 32·0 current·0 all-time
by @szzg007
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to coordinate many marketing sub-skills (lead-hunter, abm-outbound, linkedin-lead-generation, etc.), which is coherent with a 'Judy Marketing' aggregator. However, the package is instruction-only: it does not include or declare any of the sub-skills' code, nor does it declare dependencies (e.g., python3) that its examples invoke. That mismatch (claims of installed skills vs no bundled code or declared runtime requirements) is incoherent and could cause the agent to run arbitrary local scripts if those paths exist.
Instruction Scope
SKILL.md instructs the agent to read or rely on ~/.zshrc for an APOLLO_API_KEY and to read/write concrete local paths (e.g., /Users/zhuzhenguo/.openclaw/workspace/skills/lead-hunter/output/ and skills/.../*.py). Asking the agent to read shell rc files and specific user home directories is outside the marketing-skill's narrow purpose and risks exposing unrelated credentials or data. The instructions also assume existence of local python scripts which are not supplied.
Install Mechanism
No install spec and no code files are present, so nothing is written to disk by the skill itself. That lowers installation risk, but increases reliance on whatever local scripts/skills already exist on the host—this reliance is the core incoherence.
Credentials
The document explicitly references an APOLLO_API_KEY stored in ~/.zshrc for Apollo.io enrichment, but the skill declares no required env vars or primary credential. Requesting/expecting an API key for Apollo.io is proportionate to lead enrichment, but mentioning a specific environment file path (~/.zshrc) is a red flag: it directs the agent to read a shell configuration file (which may contain unrelated secrets) instead of using a declared env var or secure secret configuration. Also, no justification or mechanism is provided for how that key is supplied safely.
Persistence & Privilege
The skill is not marked always:true and model invocation is allowed by default (normal). The skill does not request to modify other skills' configs or system settings. However, its instructions refer to other skills' files and outputs, so it implicitly assumes access to local skill directories.
What to consider before installing
This skill is an instruction-only wrapper that references many local sub-skills and a user-specific workspace. Before installing or running: (1) verify the referenced sub-skill files and scripts (skills/*/*.py) exist and inspect them for unexpected behavior; (2) do not store API keys in ~/.zshrc—use a secure secret store or explicitly provided env var; (3) confirm you are comfortable with the skill reading and writing the exact paths shown (they include a specific username and your home dir); (4) ensure python3 and any other real runtime dependencies are present and trusted; (5) if you cannot inspect the local scripts or if the referenced sub-skills are absent, treat this skill as potentially unsafe and avoid granting it runtime access. Providing the actual code for the referenced sub-skills and declaring required env vars/dependencies would materially raise confidence.
Like a lobster shell, security has layers — review code before you run it.
latestvk975pjjpe8etwq58nvcb8z5ky584t6v4
