Skill v1.0.0

ClawScan security

Generate Social Media Content Calendar · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 28, 2026, 4:40 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions and declared capabilities fit a social-media content generator, but small inconsistencies and unnecessary permissions (README install references a different repo/slug and the skill allows Bash/Read tools without needing them) warrant caution.
Guidance
This skill appears to do what it says (generate a week of social posts and images), but take these precautions before installing or using it:

- Verify the skill's true source: the README references a different GitHub repo/slug than the registry metadata. Confirm the official homepage/source repository and that the code you install matches the published skill.
- Check what image_generation provider the agent will use and whether any credentials will be required at runtime; avoid providing unrelated API keys.
- The SKILL.md allows Bash and Read tools but does not justify them. If you don't need shell access or file reads for your use-case, avoid granting those tool permissions or ask the publisher why they're required.
- Always review generated content and any images before publishing or automating posts (the skill itself also notes this).
- If you plan to install code from the README's GitHub link, inspect that repository contents locally before granting any permissions or running it.

If you want, I can list exact checks to perform on the referenced GitHub repo or suggest a minimal prompt that avoids the need for Bash/file access.

Review Dimensions

Purpose & Capability
note
The name, description, and SKILL.md content are coherent: the skill is for generating weekly social posts with captions, hashtags, and images. However, the README installation text references a different package/repo (qiaomu-generate-social-media-content-calendar and github.com/qiaomucom/...) that does not match the skill registry slug (toby-...). This mismatch looks like a copied template and should be verified before trusting the source.
Instruction Scope
note
The runtime instructions themselves are narrowly scoped to producing post text and images and explicitly advise reviewing outputs before publishing. They do not instruct reading environment variables or arbitrary files. That said, SKILL.md declares allowed-tools: Bash, Read — granting ability to run shell commands and read files; the instructions do not justify those permissions and they widen the agent's runtime capabilities beyond what's needed for text/image generation.
Install Mechanism
note
This is an instruction-only skill with no install spec or code files (lowest install risk). The README, however, suggests a manual git clone from a GitHub repo and a ClawHub install command that reference a different slug/owner — an incoherence that could mislead users about origin and installation source.
Credentials
ok
The skill requests no environment variables, credentials, or config paths, which is proportionate to the stated purpose of content and image generation.
Persistence & Privilege
ok
The skill is not marked always:true and is user-invocable with normal autonomous-invocation allowed (disable-model-invocation: false). These are typical defaults and not excessive by themselves.