Writing Group Leader
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: writing-group-leader Version: 0.1.0 The skill defines an AI agent's persona and task as a 'Writing Team Lead'. While the instructions are primarily focused on content strategy and task management, the repeated directive to 'assign it to the appropriate tool' or 'giving thoroughly guidance to the appropriate tool' (found in SKILL.md) introduces a potential prompt injection vulnerability. The vagueness of 'MCP tools' and 'appropriate tool' means that if the agent has access to powerful or unconstrained tools, a malicious user could craft an input that manipulates the agent into directing harmful actions to those tools, making the skill suspicious due to this exploitable design rather than explicit malicious intent within the skill itself.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user provides private drafts or references, that content may be shared with whatever MCP writing tools are available in the environment.
The skill may route the user's writing task and references to connected MCP tools or agents. This is purpose-aligned, but the artifacts do not identify which MCP tools receive content or what their data boundaries are.
You are a Writing Team Lead managing specialized writers via MCP tools... assign it to the appropriate tool.
Before using it with sensitive material, confirm which MCP tools are connected and only provide references you are comfortable sharing with those tools.