zhihu blog generator

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches a local blog-generation workflow, but its one-click runner can pass user input through a shell and its templates can generate unsupported personal-sounding claims.

Review this skill before installing. Do not run the one-click runner with untrusted topic strings unless shell:true is removed or inputs are safely validated. Also verify all factual, personal-experience, and performance claims before publishing generated articles, and use pinned dependency installation if you proceed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A maliciously crafted topic or argument could cause local shell commands to run on the user's machine.

Why it was flagged

A user-provided topic argument is forwarded into a shell-enabled child process. Shell execution is expected for the runner, but shell:true with unsanitized arguments can let metacharacters execute commands outside the blog-generation purpose.

Skill content
const topicArg = args.find(a => a.startsWith('--topic='))?.split('=')[1]; ... const allArgs = [scriptPath, `--session=${sessionId}`, ...extraArgs]; ... spawn('node', allArgs, { stdio: 'inherit', shell: true })
Recommendation

Remove shell:true, use spawn/execFile without a shell, pass arguments as an array only, and validate or escape topic input before invoking subprocesses.

What this means

If copied to Zhihu or another public site, the output may mislead readers into believing the author personally measured or experienced things that were actually generated.

Why it was flagged

The generator can add first-person experience and specific performance claims without showing that these facts came from user input or collected sources.

Skill content
content += `根据我的实践,${topic.title}特别适合以下场景:`; ... content += `我们内部一个服务接入后,P99延迟从120ms降到了15ms。`
(Translation of the template strings: "Based on my own practice, ${topic.title} is especially suited to the following scenarios:" and "After one of our internal services adopted it, P99 latency dropped from 120ms to 15ms.")
Recommendation

Require source-backed claims, use placeholders for unverified experience/data, and prompt the user to verify or disclose AI-generated sections before publishing.

What this means

The skill may fail until dependencies are manually installed, and users may not know which exact package versions to trust.

Why it was flagged

The code requires a third-party npm package, while the supplied metadata shows no install spec and the manifest does not include package.json or a lockfile. This is not malicious by itself, but dependency provenance and pinning are unclear.

Skill content
const { v4: uuidv4 } = require('uuid');
Recommendation

Publish a package.json and lockfile, declare Node/npm requirements in metadata, and document pinned installation steps.