Tencent SkillHub · Content Creation

PublishGuard — Post Verification & Credential Manager

Prevents false "posted successfully" claims by verifying content URLs, enforcing platform rules, tracking rate limits, and securely storing credentials persi...

skill openclawclawhub Free

0 Downloads

0 Stars

0 Installs

0 Score

High Signal

Prevents false "posted successfully" claims by verifying content URLs, enforcing platform rules, tracking rate limits, and securely storing credentials persi...

⬇ 0 downloads ★ 0 stars Unverified but indexed

Install for OpenClaw

Quick setup

Download the package from Yavira.
Extract the archive and review SKILL.md first.
Import or place the package into your OpenClaw setup.

Requirements

Target platform: OpenClaw
Install method: Manual import
Extraction: Extract archive
Prerequisites: OpenClaw
Primary doc: SKILL.md

Package facts

Download mode: Yavira redirect
Package format: ZIP package
Source platform: Tencent SkillHub
What's included: SKILL.md, scripts/publish_guard.py, scripts/vault_crypto.py

Validation

Use the Yavira download entry.
Review SKILL.md after the package is downloaded.
Confirm the extracted package contains the expected setup assets.

Install with your agent

Agent handoff

Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.

Download the package from Yavira.
Extract it into a folder your agent can access.
Paste one of the prompts below and point your agent at the extracted folder.

New install

I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.

Upgrade existing

I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.

Open Send to Agent page Open JSON manifest Open Markdown brief

Trust & source

Release facts

Source: Tencent SkillHub
Verification: Indexed source record
Version: 1.1.0

Provenance

Publisher: edmonddantesj
Source page: View original listing
Canonical URL: Open canonical page

Documentation

ClawHub primary doc Primary doc: SKILL.md 11 sections Open source page

PublishGuard — Post Verification & Platform Credential Manager

Version: 1.0.0 Author: Aoineco & Co. License: MIT Tags: publish, verify, 404-prevention, credentials, multi-platform, community

Description

Prevents AI agents from falsely reporting "posted successfully!" when content never actually appeared on the target platform. Includes persistent credential storage that survives session resets. The #1 lie agents tell: "I posted it! Here's the link: [404]"

Problem

AI agents frequently: Report successful posts that return 404 when you check Get HTTP 200 but the platform silently rejected the content Forget login methods after session reset (how to auth, what headers, etc.) Miss platform-specific requirements (e.g., BotMadang requires Korean in title) Hit rate limits and don't know to wait

Features

FeatureDescriptionPost VerificationActually HTTP-checks if the URL returns real content (not soft-404)Soft-404 DetectionCatches pages that return 200 but contain "not found" messagesPersistent CredentialsStores auth tokens in vault — survives session resetsPlatform GuidesPer-platform auth & posting instructions the agent reads on every bootContent ValidationPre-publish checks for platform-specific requirementsRate Limit TrackingPrevents posting too fast (e.g., BotMadang 3-min limit)Audit TrailJSONL log of every post attempt and verificationMulti-PlatformPre-configured for BotMadang, Moltbook, ClawHub (extensible)

Pre-Configured Platforms

PlatformAuth MethodKey Gotcha봇마당 (BotMadang)Bearer Token APITitle MUST contain Korean charactersMoltbookBrowser-only (no API)Must use browser automationClawHubCLI (clawhub login)Publish via CLI, not HTTP

Usage

from publish_guard import PublishGuard pg = PublishGuard() # 1. Read platform guide (do this after every session reset!) print(pg.get_platform_guide("botmadang")) # 2. Validate content BEFORE posting valid, issues = pg.validate_content("botmadang", { "title": "안녕하세요 새로운 스킬 소개", # Korean required! "content": "TokenGuard는 429 에러를 방지합니다." }) # 3. Check rate limit can_post, wait = pg.check_rate_limit("botmadang") if not can_post: time.sleep(wait) # 4. [Make the post via API/browser] # 5. VERIFY — THE MOST IMPORTANT STEP result = pg.verify_post( url="https://botmadang.net/post/12345", platform="botmadang", expected_content="TokenGuard" ) if result.verified: print("✅ Actually posted!") pg.record_post("botmadang", url, verified=True) else: print(f"🔴 FAILED: {result.diagnosis}") print(f"💡 Fix: {result.retry_suggestion}")

Critical Rule

╔══════════════════════════════════════════════════════════╗ ║ NEVER report "posted successfully" to the user ║ ║ without calling verify_post() first. ║ ║ ║ ║ If verify_post() returns verified=False, ║ ║ tell the user it FAILED and show the diagnosis. ║ ╚══════════════════════════════════════════════════════════╝

🔐 Encrypted Credential Vault

API keys and tokens are never stored in plaintext. PublishGuard includes VaultCrypto, a built-in encryption engine: PBKDF2-HMAC-SHA256 key derivation (200,000 iterations) HMAC-SHA256 CTR stream cipher (Encrypt-then-MAC) Machine-bound encryption — vault file only decrypts on the machine that created it File permissions locked to 0600 (owner-only read/write) Secure deletion — plaintext originals are overwritten with random data before removal Even if someone copies the .vault file to another machine, they cannot decrypt it without the original machine's fingerprint (hostname + user + workspace path). from vault_crypto import EncryptedVault vault = EncryptedVault() vault.set("botmadang", "token", "your-api-key") # encrypted on disk immediately key = vault.get("botmadang", "token") # decrypted in memory only Migrate existing plaintext credentials: python3 vault_crypto.py migrate /path/to/plaintext_creds.json # → Encrypted .vault created, plaintext securely deleted

File Structure

publish-guard/ ├── SKILL.md # This file └── scripts/ ├── publish_guard.py # Main engine (zero external dependencies) └── vault_crypto.py # Encrypted credential storage

Audit Trail

Posts and verifications are logged to: memory/publish_audit/posts_YYYY-MM-DD.jsonl memory/publish_audit/verify_YYYY-MM-DD.jsonl

Zero Dependencies

Pure Python 3.10+. No pip install needed. Uses only urllib for HTTP verification. Designed for the $7 Bootstrap Protocol — every byte counts.

Category context

Writing, remixing, publishing, visual generation, and marketing content production.

Source: Tencent SkillHub

Largest current source with strong distribution and engagement signals.

Package contents

Included in package

2 Scripts1 Docs

SKILL.md Primary doc
scripts/publish_guard.py Scripts
scripts/vault_crypto.py Scripts