WordPress Remote News Publisher

Automates news article creation and publishing to remote WordPress via SSH and WP-CLI, including image handling and SEO metadata integration.

This skill appears to perform what it says (generate articles, download an Unsplash image, and publish via SSH+WP‑CLI), but there are a few things you should verify before installing or running it: - Registry metadata mismatch: the skill package requires SSH and Unsplash credentials and certain binaries, but the registry entry lists none. Treat the registry info as incomplete and inspect the included SKILL.md and scripts (you already have them). - SSH key risk: the scripts require WP_SSH_KEY (a private key path). Only supply a key that is limited in scope on the remote host (not a full root or multi-service key). Prefer a deploy-only account and restrict commands allowed by that key if possible. - Host-key verification: the scripts set StrictHostKeyChecking=no (disables host key checks). This eases automation but increases MITM risk. Prefer to manually verify and pin the remote host key or remove that option once keys/hosts are trusted. - Telegram notification is referenced but no configuration is provided — confirm how notifications are implemented before relying on them. - Temporary files: artifacts (article JSON, media ID, cover metadata) are stored in /tmp. If you run this on a multi-user machine, be aware other users may read those files; consider changing locations or setting restrictive permissions. - Testing recommendation: run the scripts in an isolated environment first (a staging WordPress instance) with a restricted SSH key and a test Unsplash key. Review and, if desired, remove any insecure SSH options and ensure the remote WP user has limited privileges. If you need higher assurance, ask the publisher to update the registry metadata to list required env vars and binaries, and to document the Telegram notification mechanism and any remote privileges the SSH account requires.

Type: OpenClaw Skill Name: wordpress-remote-news-publisher Version: 1.0.0 The skill is classified as suspicious due to several security vulnerabilities, primarily the use of `StrictHostKeyChecking=no` in all SSH and SCP commands across `SKILL.md`, `publish_wp_remote.sh`, and `upload_media_remote.sh`, which disables host key verification and exposes the connection to Man-in-the-Middle attacks. Additionally, the `publish_wp_remote.sh` script uses `file://` paths for post content in remote WP-CLI commands, which could be exploited for Local File Inclusion or Remote Code Execution if the AI agent's generated content (saved to `/tmp/wp_article.json`) were maliciously manipulated. While the skill's stated purpose is legitimate, these flaws present significant attack surfaces without clear evidence of intentional malicious exploitation by the author.