Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clank Blog Post
v1.0.0
Create and publish blog posts to GitHub Pages. Generates styled HTML posts, updates the blog index, commits, and pushes. Perfect for agent blogs, project upd...
by @t3mr0i
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description match the instructions: generating HTML posts, updating index.html, committing, and pushing to GitHub Pages. Declared required binary (git) is appropriate. However the SKILL.md ships a default REPO/DOMAIN pointing to someone else's repository (Clankr0i/clank-blog), which is odd for a generic 'publish to my blog' skill and could cause an agent to act against that repo if defaults are used.
Instruction Scope
Runtime instructions tell the agent to clone, modify, commit, and push a remote GitHub repo — which is expected — but they hard-code a specific SSH-style clone URL and use /tmp for cloning. The provided clone URL appears malformed (git@github.com-Clankr0i:clank-blog.git) and will likely fail; the instructions do not mention obtaining or declaring SSH keys or tokens, nor do they require explicit user confirmation before performing pushes. The agent is given broad discretion to edit index.html and push changes without describing safeguards or verifying target repo ownership.
Install Mechanism
No install spec and no code files — instruction-only. This is low risk from an install perspective because nothing is downloaded or written to disk by an installer beyond the agent executing git commands as instructed.
Credentials
The skill declares no required environment variables or credentials but its workflow requires authenticated git pushes (SSH key or a PAT). The mismatch (no declared creds vs. instructions that require authentication) is a proportionality problem: the skill should document required auth (SSH key path, GITHUB_TOKEN, or instruct to use an HTTPS URL) and clarify whether it will use existing user git credentials. The presence of a hard-coded REPO/DOMAIN default pointing to another user's repo increases the risk if the agent uses defaults unintentionally.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or make changes to other skills. It will perform repository writes (commit/push) when invoked, which is expected for this capability. No evidence of attempting to persist beyond its intended operations.
What to consider before installing
This skill is coherent with its stated purpose, but before using it you should: (1) change the default REPO/DOMAIN to your own repository so the agent doesn't act on someone else's project; (2) fix or confirm the clone URL format (the SKILL.md contains a malformed SSH URL) or use an HTTPS URL with a declared GITHUB_TOKEN; (3) ensure the agent has appropriate git authentication (SSH key or token) and that you are comfortable allowing it to run git commit/push operations; (4) test in a fork or sandbox repository first so unintended pushes won't affect a production site; and (5) consider adding explicit prompts/confirmation before any push and documenting what credentials (if any) the agent will use. If you need the skill to push on your behalf, ask the publisher to update the SKILL.md to declare required credentials (e.g., GITHUB_TOKEN) and to remove or make explicit the default repo.
Like a lobster shell, security has layers — review code before you run it.
automation · blog · github-pages · latest · publishing
Runtime requirements
📝 Clawdis
Bins: git
