Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Trending News Aggregator
v1.0.0 Smart trending news aggregator - automatically fetches trending news from multiple platforms, analyzes trends with AI, and supports scheduled pushes and popularity scoring. Core features: - Aggregates trending topics from multiple platforms daily (Weibo, Zhihu, Baidu, etc.) - Smart categorization (technology, finance, society, international, etc.) - Popularity scoring algorithm - Incremental detection (flags newly added trending items) - AI trend analysis
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description align with the instructions: it uses web_search to aggregate and classify trending items. Declared dependency on a 'web_search' tool is appropriate. However, package.json and PUBLISH.md reference an npm package and GitHub repo (placeholders) even though this bundle is instruction-only and contains no runnable source — that's an inconsistency in how the skill would be installed or distributed.
Instruction Scope
SKILL.md confines runtime behavior to web searches, classification, scoring, and optional pushes; it does not instruct reading unrelated system files or secrets. It does advise cloning a GitHub repo and copying into ~/.openclaw/skills for manual install, which is standard but points to an external repo that is a placeholder and not verifiable here.
Install Mechanism
Registry metadata says 'no install spec' (instruction-only), which is low-risk. But package.json includes an openclaw.install.npmSpec and PUBLISH.md describes publishing to npm/ClawHub — conflicting signals about how to obtain code. There is no actual code to be installed in this package, so the install/publish instructions are incomplete or misleading.
Credentials
The skill declares no required environment variables or credentials, yet supports multiple push channels (Weixin, DingTalk, Slack, Telegram, SMTP) that necessarily require tokens/credentials to operate. SKILL.md does not declare or document expected env var names or secure credential storage/config paths. This omission creates a risk that users will be asked later to provide secrets in an ad hoc way or configure them unsafely.
Persistence & Privilege
always is false and there is no request for system-wide privileges. The skill suggests storing configuration locally (config.yaml) and scheduling tasks (cron/OpenClaw cron), which is expected behavior for an automation skill and not excessive.
What to consider before installing
Key things to verify before installing:
- Credentials for push channels: ask the author which env vars or config fields are required and how secrets are stored; do not paste tokens into chat or public fields. The skill currently lists push targets but declares no credential names.
- Source verification: the SKILL references cloning a GitHub repo and npm publishing, but the repo URL and npm spec are placeholders (yourusername). Prefer skills with a real, auditable repository and published package rather than anonymous instruction-only bundles.
- Installation ambiguity: package.json suggests an npm install path though the package here has no executable code — clarify whether code exists elsewhere and where it will be downloaded from.
- Test safely: run the skill in a sandboxed environment first (no real push credentials) and review any code from the claimed repo before enabling scheduled pushes.
- If you need automated push notifications, require explicit documentation of credential names, storage location, and least-privilege instructions; consider using per-channel bot accounts or webhooks you control and revokeable tokens.
If the maintainer cannot provide a real repository and clear credential handling, treat this skill as untrusted.
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
