AI Trend Hunter Pro
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user or agent follows this command, it may run code that was not included for review and could access the user’s LLM API key.
The workflow references a local Python script that is not included in the supplied file manifest, while also passing an API key into that execution environment. That creates an unreviewed-code/provenance gap.
"windows_powershell": "$env:PYTHONIOENCODING='utf-8'; $env:DEEPSEEK_API_KEY='sk-xxxx'; python 'C:/Users/phq28/.gemini/antigravity/skills/x-ai-hunter/daily_content_automation.py'"
Do not run the referenced Python command unless the script is present, reviewed, and comes from a trusted source; package maintainers should include the runner or remove the command.
The skill may spend quota or access the configured AI provider account if the key is used by the workflow.
The skill asks for an LLM API key, which is expected for AI content generation, but it is still a sensitive credential.
"API_KEY": { "type": "password", "label": "大模型 API KEY", "description": "请输入你的 OpenAI 或 Gemini API Key" }Use a dedicated, revocable API key with spending limits and avoid sharing broad account credentials.
Approved automation could place generated content into an authenticated X account’s draft/posting flow.
The workflow can use browser automation on X after approval. This is aligned with the social-posting purpose and appears gated by human review, but it can interact with a real social media account.
"type": "browser_automation", "tool": "browser_subagent", "target_url": "https://x.com", "action": "post_draft", "condition": "step_4.approved == true"
Review every draft before approving, confirm the browser is logged into the intended account, and avoid enabling full posting without explicit confirmation.
Generated posts could reflect misleading or injected instructions from scraped pages if not reviewed.
The workflow places scraped web content directly into the generation prompt. Malicious or manipulative scraped text could influence the generated draft, though the workflow includes a human review step.
"system_prompt": "你现在是 {{USER_PERSONA}}。请根据以下内容 {{SCRAPED_CONTENT}},按照 {{STYLE_REQUIREMENT}} 的要求创作一段推文。"Keep the human review step, treat scraped content as untrusted, and verify facts and links before approving posts.
The skill could continue generating or preparing social posts on a schedule rather than only when manually invoked.
The documentation describes scheduled or continuous automation. This is disclosed and related to the skill’s purpose, but it means the agent may keep acting after setup if the user enables scheduling.
"Automatically monitors top tech media outlets and trending topics around the clock" and "Set your preferred trigger time under Schedule to automate posting."
Enable scheduling only if desired, periodically review outputs, and disable the schedule when the campaign is finished.