ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tweet Ideas Generator

v1.0.0

Generates 60 high-impact tweet ideas from reference content across 5 categories. Use when someone wants to extract engaging short-form statements from content for Twitter/X, organized by harsh advice, quotes, pain points, counterintuitive truths, and key insights.

0· 1.9k·2 current·2 all-time
by@vincentchan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the instructions: the skill extracts short-form statements from user-provided content and produces categorized tweet ideas. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions are bounded to collecting user-supplied content (pasted text, provided files, or URLs) and using web_fetch for URLs. This is appropriate for the task, but the spec allows reading 'content draft files' — that should be interpreted as files explicitly provided by the user rather than arbitrary system file access. The skill also instructs saving output to tweet-ideas/tweets-{timestamp}.md (writing to the agent workspace).
Install Mechanism
No install spec or code files are present; this is an instruction-only skill that relies on the agent's built-in tools (e.g., web_fetch). No external downloads or packages are required.
Credentials
The skill requires no environment variables, credentials, or config paths. There is no disproportionate request for secrets or unrelated service tokens.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The instructions direct saving outputs to a local path (tweet-ideas/...), which is expected for this kind of tool. It does not request persistent system-wide privileges or modify other skills' configs.
Assessment
This skill appears coherent and safe for normal use, but consider these practical precautions before installing or running it: - Only provide content and URLs you intend the agent to fetch and analyze; do not supply links that require confidential credentials or point to private/internal resources. - When supplying files, explicitly upload the files rather than asking the skill to search your system — treat file access as user-approved input. - The skill will write output files to tweet-ideas/tweets-{timestamp}.md in the agent workspace; review or delete those files if they contain sensitive content. - Because the agent may fetch public URLs, verify any fetched content you care about (copyright, privacy, or accuracy) before publishing generated tweets. - If you want to avoid any network fetching, instruct the skill not to use URLs and instead paste content directly.

Like a lobster shell, security has layers — review code before you run it.

latestvk97844z0t8947b4z3jtschc4th8008rd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments