B2B content writing with daily workflows and batching systems across Sales/HR/Fintech/Ops Tech
Security Analysis
medium confidence
The skill's content and requirements are coherent for a content-writing guide, but two red flags—an always:true persistence flag and detected unicode-control-character prompt-injection patterns in the SKILL.md—make the package suspicious and worth further inspection before installing.
Name/description (B2B content writing, workflows, templates) match the SKILL.md and README content. There are no unrelated required binaries, environment variables, or install steps that would be inconsistent with a documentation/instruction-only skill.
The SKILL.md is a long, detailed instruction and template document that stays within the stated purpose (content frameworks, workflows, examples). However, the static scan detected 'unicode-control-chars' inside SKILL.md (prompt-injection signal). Invisible unicode control characters can be used to manipulate model parsing or hide instructions; that pattern is not expected for a plain content guide and warrants manual inspection of the file for hidden characters or embedded directive-like sequences.
No install spec and no code files are present. Instruction-only skills have the lowest install risk because nothing is written/executed on disk by the skill package itself.
The skill requests no environment variables, no credentials, and no config paths. That is proportionate and appropriate for a documentation-style content-writing skill.
The registry metadata and SKILL.md both indicate always:true (force-included in every agent run). For an instruction-only content guide this is unnecessary and increases blast radius: combined with the prompt-injection signal, permanent inclusion is a concerning privilege. If always:true remains, the skill will be evaluated/invoked even when not explicitly requested, which magnifies any malicious or manipulative content.
Guidance
This skill's content itself looks like a legitimate B2B content-writing guide, but two issues need attention before installing: (1) always:true: the skill is force-included in every agent run — unnecessary for a passive doc and increases risk if the skill contains manipulative text, and (2) unicode-control-chars: the SKILL.md contains invisible control characters that could be used to hide or alter instructions.
What to do next:
- Inspect the SKILL.md and README as raw bytes (cat -v, hexdump -C, or an editor that shows invisible characters) and remove any unexpected control characters. Ask the author why they were included.
- Ask the publisher/maintainer to explain why always:true is necessary; request a version without always:true. Default for most skills should be not always-included.
- Verify the skill author/source. The SKILL.md metadata references a GitHub profile; confirm that profile and check the original repository for identical content and no hidden directives.
- If you do not trust the origin or cannot remove always:true and the control characters, do not install the skill or limit its permissions (do not allow autonomous invocation/force-inclusion). Consider running any evaluation in an isolated/test agent environment first.
If the author provides a cleaned SKILL.md (no control chars) and removes always:true, this skill would be coherent and low-risk; until then treat it as suspicious.
Latest Release
v1.0.0
Initial release of "social-media-management" skill.
- Provides multi-platform social media management frameworks for B2B SaaS across LinkedIn, Twitter/X, Instagram, and Facebook
- Includes content calendar templates (weekly, monthly, quarterly) with 70-20-10 content mix framework
- Features platform-specific posting strategies, optimal timing, and engagement workflows
- Offers 24 industry-specific scenarios across Sales Tech, HR Tech, Fintech, and Ops Tech verticals
- Contains cross-platform repurposing strategies (1 blog post → 10 social posts) and batch creation workflows
Published by @shashwatgtm on ClawHub