Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Chief Editor

v0.1.0

Professional chief editor skilled in reviewing, refining, and ensuring content quality while adhering strictly to user preferences and source materials.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name and description align with runtime instructions: the skill instructs the agent to read provided source documents/KB entries and produce edited content. The tools and steps (read documents, consult URLs, generate text, submit results) are coherent with an editing workflow.
Instruction Scope
The SKILL.md mandates reading ALL attached files, using a knowledge-base retriever when KB documents are referenced, identifying URLs inside those documents, and (if any URLs are found) scraping up to five URLs. It also instructs parallel calls to multiple LLM tools when the user requests multiple versions. These behaviors are reasonable for a thorough editor, but they broaden data exposure: attachments and their contents will be sent to the platform's tools and external scraping endpoints and multiple LLM backends may receive document content.
Install Mechanism
Instruction-only skill with no install spec and no code files. Nothing is written to disk or installed by the skill itself.
Credentials
No environment variables, credentials, or config paths are requested. However, the skill references many platform tools (wiki_retriever, url_scraping, several editor_call_* LLM tools, submit_result) that will receive document/text data at runtime — the skill does not require additional secrets itself, but using it will cause data to be transmitted to whatever backends implement those tools.
Persistence & Privilege
always is false and there is no indication the skill modifies agent/system-wide settings or other skills. It does require calling platform tools but does not request permanent presence or elevated privileges.
Assessment
This skill appears to do what it says, but take these precautions before installing or using it:
- Understand the tool endpoints: the skill will call wiki_retriever, url_scraping, and multiple editor_call_* LLM tools. Confirm who operates those tools and where your document text will be sent (third-party LLMs or internal services).
- Avoid feeding sensitive documents: the skill mandates reading ALL attachments and scraping URLs found within them. If your attachments contain confidential data, do not use the skill or remove sensitive content first.
- Be cautious about URL scraping: scraped pages may be external and fetching them can leak the fact that you reviewed the doc. If you don't want external network calls, instruct the agent not to scrape URLs or to only follow whitelisted domains.
- Multiple-model generation: when multiple versions are requested the skill calls several LLM tools in parallel — that increases the number of external services receiving your content. Only enable that mode if you trust those models.
- If you need higher assurance, ask the skill author or platform operator which backends implement the named tools and whether data is logged/retained.

Given these data-flow/privacy concerns, the skill is internally coherent for an editor role (benign), but exercise caution about what documents you allow it to read and which tool endpoints you permit.
