OpenClaw SEO Content Writer
v1.0.4Write and ship SEO blog posts with Tony + Peter workflow, publish QA, deploy verification, and GSC indexing. SEO博客写作/发布/部署/谷歌收录
⭐ 0· 62·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name and description (Tony + Peter SEO pipeline with drafting, deploy, and GSC submission) match the content of SKILL.md and reference files. The skill is a workflow guide and does not claim to perform actions that would require unexpected access (e.g., cloud-wide admin rights). References to deployment pipelines, SSH/CLI, and Google Search Console are expected for the declared purpose.
Instruction Scope
SKILL.md stays within the SEO production domain: drafting, preflight, deploy verification, and GSC submission. It does assume presence of tooling and credentials (SSH/CLI to trigger deploys, a verified GSC property, Google Cloud project with Indexing/Search Console APIs enabled, and a service account JSON or OAuth credentials) but does not include instructions that read unrelated system files or request secret exfiltration. Because the skill is a guide, it delegates implementation (e.g., how to use the Indexing API) to the operator — review any implementation you build from this guide to ensure it handles secrets safely.
Install Mechanism
There is no install spec and no code files that would be written to disk at install time; this is low-risk. The registry metadata and package contents are instruction-only documentation and references.
Credentials
The skill does not declare required env vars or ship credentials, which is appropriate for a documentation-only skill. It explicitly expects that the operator provides Google service account/OAuth credentials and deployment access in their environment — these are proportionate to performing GSC submissions and deployments. Users should ensure any service account used has least-privilege (only GSC/Indexing API and necessary site permissions) and that keys are stored/used securely rather than exposed to agents or untrusted processes.
Persistence & Privilege
always is false and the skill does not request persistent presence or modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but the skill itself only contains guidance; the real risk depends on the implementation you attach to this workflow.
Assessment
This is a documentation-only workflow for producing and shipping SEO blog posts — it does not install code or require environment variables itself. Before using it operationally: (1) review any scripts or automations you build from this guide to ensure they do not leak credentials; (2) provision a Google service account with the minimum permissions needed for Search Console/Indexing APIs and avoid using overly broad keys; (3) restrict any SSH/CI credentials used to deploy to the minimum required scope and test in a staging environment first; (4) ensure receipts/artifacts do not contain sensitive keys; and (5) if you connect this workflow to an agent that can act autonomously, limit the agent's access to secrets and monitor activity. If you want a higher-assurance check, provide the implementation scripts (deploy hooks, GSC submission code) for review so those pieces can be evaluated as well.Like a lobster shell, security has layers — review code before you run it.
latestvk978pcfmrpz9dhwkcs2gf0vnhh841mas
License
MIT-0
Free to use, modify, and redistribute. No attribution required.