Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Content Claw
v3.3.2
Turn papers, podcasts, and case studies into publish-ready social posts, infographics, and diagrams. Discovers trending topics via Exa, generates content wit...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name/description map to requested env vars and binaries: EXA_API_KEY is used by discover_topics.py to query Exa; FAL_KEY is used for image generation via fal-client. The single required binary (uv) matches the project's use of Astral's uv to run scripts and install deps. No unrelated cloud credentials or irrelevant tools are requested.
Instruction Scope
SKILL.md instructs the agent to restrict read/write to the skill's BASE_DIR and lists explicit commands (uv run scripts/...). However, the enforcement is self-imposed by instructions rather than technically enforced: the agent is granted file read/write/glob/grep capabilities and could access other paths if it ignored the guidance. The skill also uses headless browser scraping with stealth init code (hides webdriver), which may violate site terms; discovery scripts assemble and submit search queries to Exa and retain text previews returned by Exa (up to configured lengths).
Install Mechanism
There is no platform install spec in the registry, but SKILL.md tells users to install uv and run 'uv sync' and to run 'uv run playwright install chromium'. It also recommends an install via a curl install.sh from astral.sh — running remote install scripts is higher risk and should be reviewed before execution. Dependencies (playwright, fal-client, exa-py, etc.) will be pulled from PyPI via uv, which is normal but still executes third-party code on your machine.
Credentials
Only two environment variables are required: EXA_API_KEY and FAL_KEY. Both are directly justified by the skill's functionality (topic discovery and image generation). The primary credential is FAL_KEY which is consistent with the skill producing images. The discover_topics loader intentionally limits which keys from .env it exposes (only FAL_KEY and EXA_API_KEY).
Persistence & Privilege
The skill is not always-enabled (always:false) and is user-invocable. Model invocation is allowed (default) which is normal for skills. There is no manifest indication it modifies other skills or system-wide agent settings. Consider that autonomous invocation combined with broad file-tool access increases blast radius if the agent disregards the SKILL.md 'only BASE_DIR' rule.
What to consider before installing
This skill appears to be what it claims (content extraction + topic discovery + image gen) but exercise caution before running it:
- Review any remote install scripts (the SKILL.md suggests running a curl install.sh for 'uv') before executing; prefer installing uv from a package manager you trust.
- uv sync will install third-party Python packages (playwright, fal-client, exa-py). Audit those packages and their versions if you require high assurance.
- Use scoped, low-privilege API keys for FAL_KEY and EXA_API_KEY and rotate them after testing. Do not provide high-privilege or long-lived credentials.
- Run the skill in a sandbox or container the first few times, especially because it launches a headless browser and performs web scraping (the code intentionally uses stealth techniques that could violate site terms).
- Verify generate_image.py and related scripts to confirm only condensed image specs (not full source documents) are sent to fal.ai, and that no sensitive source content is transmitted to Exa or other endpoints.
- Be cautious about trusting the skill's 'do not access files outside BASE_DIR' rule: the instruction is self-enforced in documentation. If you need strict containment, run it in an environment that enforces filesystem isolation.
If you want, I can: (a) show the contents of scripts/generate_image.py to verify what is sent to fal.ai, (b) list the exact Python dependencies and their versions from pyproject.toml, or (c) suggest a minimal, sandboxed test plan to validate behavior safely.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🎨 Clawdis
Bins: uv
Env: FAL_KEY, EXA_API_KEY
Primary env: FAL_KEY
