PublishGuard — Post Verification & Credential Manager
by edmonddantesj · v1.1.0
775 Downloads · 0 Stars · 1 Active Installs · 2 Versions
Install in OpenClaw
/install publish-guard
Description
Prevents false "posted successfully" claims by verifying content URLs, enforcing platform rules, tracking rate limits, and securely storing credentials persi...
Usage Guidance
Do not install or store live credentials yet. The package claims "never stored in plaintext" but the main engine writes credentials to a plaintext JSON file in the workspace. Before using:
(1) Ask the maintainer to explain why publish_guard.py includes CredentialStore that saves plaintext and whether that is intentional or a leftover;
(2) If you must test, do so in an isolated sandbox and do not enter real secrets;
(3) Prefer using the EncryptedVault and run the provided migrate tool, but verify that publish_guard actually reads from the encrypted vault rather than the plaintext file;
(4) If you intend to use this in production, request the author remove (or gate) the plaintext store, or modify the code to use only the encrypted vault with secure permissions and documented migration behavior;
(5) Confirm the vault's cryptography and threat model meet your security needs — the vault implements custom crypto primitives (HMAC-CTR, PBKDF2) and makes specific machine-binding choices that you may want reviewed by a crypto expert.
Capability Analysis
Type: OpenClaw Skill
Name: publish-guard
Version: 1.1.0
The skill bundle is classified as suspicious due to a critical security vulnerability in `scripts/publish_guard.py`. While `SKILL.md` and `scripts/vault_crypto.py` describe and implement robust, machine-bound encryption for credentials, the main `PublishGuard` class in `scripts/publish_guard.py` uses an unencrypted `CredentialStore` that saves sensitive API keys and tokens in plaintext JSON files on disk. This directly contradicts the stated security features and exposes credentials to local file system access, representing a severe flaw that allows for data compromise.
Capability Assessment
Purpose & Capability
The name and SKILL.md describe a post-verification and credential manager — that purpose fits the code (URL verification, platform rules, credential storage). However, SKILL.md emphatically claims 'API keys and tokens are never stored in plaintext' and describes a VaultCrypto engine; the main module (publish_guard.py) implements a separate CredentialStore that saves credentials in plaintext JSON to workspace/the-alpha-oracle/vault/publish_guard_creds.json. This directly contradicts the stated purpose and guarantees.
Instruction Scope
SKILL.md and the code instruct the agent to verify posts by performing HTTP GETs (expected). But the instructions and code also read/write workspace files (audit logs and credential files) and reference the OPENCLAW_WORKSPACE environment variable — this env var is used at runtime but not declared in the skill's manifest. The migration CLI in vault_crypto suggests moving plaintext creds to the vault, but the presence of an always-written plaintext credential store means credentials may be left unencrypted unless the user explicitly migrates them.
Install Mechanism
No install spec or external downloads; skill is instruction-only with bundled Python files and claims zero external dependencies. No network install URLs or package manager installs were found. That lowers supply-chain risk compared with remote downloads.
Credentials
The skill declares no required environment variables, but both scripts use OPENCLAW_WORKSPACE (falling back to ~/.openclaw/workspace), plus they derive a machine fingerprint from hostname, username, and home directory. That implicit dependency on OPENCLAW_WORKSPACE and machine identity is not declared. The credential storage behavior (plaintext JSON vs encrypted vault) is disproportionate to the manifest's lack of secrets requirements and is likely to surprise users.
Persistence & Privilege
The skill persistently writes files in the workspace: plaintext credential JSON (publish_guard_creds.json), an encrypted vault (publish_guard_creds.vault), and JSONL audit logs under memory/publish_audit/. It does not request elevated OS privileges or force installation (always:false). The persistence of plaintext credentials by default is the primary concern.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install publish-guard
- After installation, invoke the skill by name or use /publish-guard
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Added VaultCrypto: encrypted credential storage with PBKDF2+HMAC-CTR, machine-bound decryption, secure plaintext deletion. API keys are never stored in plaintext.
v1.0.0
Initial release: post verification, soft-404 detection, persistent credentials, platform guides (BotMadang/Moltbook/ClawHub), content validation, rate limit tracking, audit trail. Zero dependencies.
Frequently Asked Questions
What is PublishGuard — Post Verification & Credential Manager?
Prevents false "posted successfully" claims by verifying content URLs, enforcing platform rules, tracking rate limits, and securely storing credentials persi... It is an AI Agent Skill for Claude Code / OpenClaw, with 775 downloads so far.
How do I install PublishGuard — Post Verification & Credential Manager?
Run "/install publish-guard" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is PublishGuard — Post Verification & Credential Manager free?
Yes, PublishGuard — Post Verification & Credential Manager is completely free (open-source). You can download, install and use it at no cost.
Which platforms does PublishGuard — Post Verification & Credential Manager support?
PublishGuard — Post Verification & Credential Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created PublishGuard — Post Verification & Credential Manager?
It is built and maintained by edmonddantesj (@edmonddantesj); the current version is v1.1.0.