ClawHub

Placeholder Skill

v0.0.1

Content Claw is an automated content generation engine that transforms source material (papers, podcasts, case studies, Reddit threads, GitHub repos) into pl...

0· 97·0 current·0 all-time
by@thierrypdamiba
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The description advertises integrations (Reddit/X publishing, fal.ai image models, Exa search, brand graphs, tracking) that normally require credentials and network access, but this placeholder skill declares no dependencies or env vars. That mismatch is explainable here (it's explicitly a placeholder), but it's incomplete for evaluating the actual capability.
Instruction Scope
The runtime instruction is only to run an external installer: `clawhub install contentclaw`. The SKILL.md does not instruct the agent to read local files or secrets itself, but it delegates behavior to an external tool whose actions are unknown and may perform network downloads, request credentials, or change agent state.
Install Mechanism
There is no install spec in this skill (instruction-only). However, the file tells users/agents to run `clawhub install contentclaw`, which is an out-of-band installer not provided here. Because the installer mechanism and download sources are unknown, the installation risk cannot be assessed from this placeholder alone.
!
Credentials
No environment variables or credentials are declared, yet the advertised features (publishing, image-generation, analytics) would normally require API keys/tokens. The absence of declared env requirements is a red flag: the real skill (installed by clawhub) will likely request credentials not visible in this placeholder.
Persistence & Privilege
This skill does not request persistent/always-on privileges and is user-invocable; it does not claim to modify other skills or system-wide agent configuration. No immediate persistence concerns in the placeholder itself.
What to consider before installing
This SKILL.md is only a placeholder that tells you to run an external installer (clawhub install contentclaw). Before running that command, review the actual contentclaw package and installer source: locate the repository or release, inspect its install script and network endpoints, and confirm what environment variables and credentials it will ask for (Reddit/X tokens, image-generation API keys, analytics endpoints, etc.). If the installer fetches code from unknown URLs or a private server, treat it as high risk. Prefer to install in a sandbox or test account, verify the owner/publisher identity, and request the full SKILL.md and install spec for the main 'contentclaw' skill so you can audit required permissions and downloads. If you cannot inspect the upstream package, avoid running the installer with privileged accounts or exposing production credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk976y40wg2vchm6548anj2b4hn8348g6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments