Kids AI Magazine
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Before installing, confirm you are comfortable installing edge-tts and optionally cloudflared, avoid putting private information into story narration, review the generated HTML before opening or sharing it, and only expose the intended ./output directory if using a public tunnel. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these tools gives locally installed third-party packages the ability to run when the user invokes the workflow.
The skill asks the user to install third-party tools without version pinning or an install spec. This is disclosed and purpose-aligned, but it is still a supply-chain point users should review.
Prerequisite: `pip3 install edge-tts` ... `# Public sharing (install once: brew install cloudflared)`
Install only from trusted package sources, consider pinning versions, and review package provenance before use.
Story narration content may be transmitted to an external text-to-speech service to generate audio.
Narration text is sent through edge-tts to an external TTS provider. This is expected for audio generation and no credentials are shown, but users should avoid putting private information in story text.
Generate TTS audio for each story using edge-tts (Microsoft Azure free TTS). ... "--text", text, "--write-media", output_path
Use non-sensitive narration text and disclose this external TTS processing if sharing the workflow with others.
If used, the generated magazine directory could be accessible to anyone with the tunnel URL.
The skill documents commands to serve the generated output locally and expose it through a public tunnel. This is explicit and purpose-aligned for sharing, but it can make files in ./output publicly reachable.
python3 -m http.server 8899 -d ./output ... cloudflared tunnel --url http://localhost:8899
Review the generated output first, serve only the intended output directory, and stop the local server/tunnel when finished.
Opening or sharing a magazine built from untrusted story data could expose viewers to unwanted active content or misleading links.
Story fields are inserted into the generated HTML without escaping. This preserves intended formatting, but untrusted story JSON could inject active HTML, scripts, or unsafe links into the magazine.
html += f' <p>{p}</p>\n' ... source_html = f'<br>📰 <a href="{source_url}" ...'
Generate stories from trusted content, sanitize or review HTML fields before building, and avoid using untrusted source URLs without validation.
