Content Analytics
ReviewAudited by ClawScan on May 10, 2026.
Overview
This looks like a purpose-aligned content analytics helper, but users should be careful because it may use platform cookies, browser scraping, and AI analysis of account metrics.
Before using this skill, consider whether you are comfortable giving it platform cookies and creator analytics data. Keep the task narrowly focused, do not provide unnecessary account sessions, and review any browser actions or external AI processing prompts if they appear during use.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Providing these cookies could let the agent access account-specific creator-center data, and mishandled cookies could expose the user’s platform sessions.
The skill optionally asks for raw platform cookies, which are session credentials that may grant access to creator accounts. This is purpose-aligned for analytics, but sensitive.
"juejin": { "cookie": "your_juejin_cookie" } ... "xiaohongshu": { "cookie": "your_xhs_cookie" }Only provide cookies if you trust the environment, avoid sharing long-lived session cookies when possible, and revoke or rotate sessions after use if concerned.
Automated browsing could access account pages using the user’s session cookies.
The skill states that browser automation/web scraping may be used. This fits the creator-center analytics purpose, but browser automation with logged-in sessions should stay user-directed and scoped.
- Playwright(网页抓取)
Use it only for the requested analytics task and avoid granting cookies or sessions for unrelated accounts.
Creator analytics or content strategy data could be included in prompts or model analysis.
The artifact indicates AI-based analysis using GLM-5, which may involve sending content performance data to an AI model/provider, though no retention or privacy boundaries are described.
- AI 生成优化建议 ... - GLM-5(AI 分析)
Avoid including confidential metrics or unpublished strategy details unless you are comfortable with the AI processing environment.
Users cannot inspect implementation details from the provided package because it is only an instruction file.
The artifact has limited provenance and no executable implementation to review. This does not show malicious behavior, but it limits verification of how the described integrations would be performed.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Treat it as a prompt/instruction skill and review any future code, scripts, browser actions, or credential prompts before allowing them.