Pubblue Review
Audited by ClawScan on May 10, 2026.
Overview
Pubblue is mostly coherent for publishing and live visualization, but it gives the agent broader local Node command execution than the documented workflow needs.
Install this only if you trust pub.blue and the Pubblue npm package. Before use, consider removing or narrowing the Node command permission, protect the Pubblue API key, confirm any public publishing or deletion actions, and stop the daemon after live sessions.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1

Impact: If invoked, the agent could run local Node commands unrelated to Pubblue, which may read or modify local files or make network calls depending on the command.

Description: The documented workflows rely on the Pubblue CLI, but the skill also permits arbitrary Node commands, which is a broader local execution surface than the publishing task requires.

Evidence:

```
allowed-tools: Bash(pubblue:*) Bash(npx pubblue:*) Bash(node:*) Read Write
```

Recommendation: Restrict allowed commands to pubblue/npx pubblue, or narrowly allow only a specific Node version check if needed. Ask for explicit user confirmation before public publishing, updates, or deletion.
Finding 2

Impact: Users rely on the current external npm package and its future updates, which were not included in the reviewed files.

Description: The setup instructions install the latest Pubblue package from npm rather than using a pinned, reviewed artifact in the skill package.

Evidence:

```
pubblue --version
npm i -g pubblue@latest
```

Recommendation: Install only from a trusted npm source, prefer pinned versions, and declare the CLI/install requirement in metadata or an install spec.
Finding 3

Impact: Anyone or any process with access to that config may be able to act against the user's Pubblue account within the key's permissions.

Description: The skill expects a Pubblue API key and stores configuration locally; this is expected for a publishing service but gives account access to the CLI.

Evidence:

```
pubblue configure --api-key pub_KEY ...
```

By default, config is stored at `~/.openclaw/pubblue/config.json`.

Recommendation: Use a least-privilege Pubblue key if available, protect the config file, and rotate the key if it may have been exposed.
Finding 4

Impact: Content sent during live sessions may be shared with the browser session and the Pubblue service flow.

Description: Live mode creates a browser-to-agent communication path for chat/canvas data. The artifact presents this as user-initiated and purpose-aligned, but it is still a sensitive data boundary.

Evidence: Live is browser-initiated: the user opens the pub page and clicks **Go Live**; the daemon answers.

Recommendation: Start live sessions only for intended viewers, avoid sending secrets, and verify the pub's visibility settings.
Finding 5

Impact: The daemon may keep running after the immediate command unless stopped, continuing to participate in live Pubblue sessions.

Description: The skill starts a daemon for live mode and documents how to stop it. This is disclosed and purpose-aligned, but it is background activity users should notice.

Evidence:

```
pubblue start --agent-name "<agent-name>" ...
pubblue stop
```

Recommendation: Check `pubblue status` and run `pubblue stop` when the live session is finished.
