Skill v1.0.0
ClawScan security
RSS监控 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 8:48 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements match its stated purpose (RSS/Atom monitoring) and do not request unrelated privileges or secrets.
- Guidance: This skill appears consistent with an RSS/Atom monitor. Before installing, note: (1) it will fetch remote feed URLs over the network — only add feeds you trust and consider privacy implications; (2) the provided example keeps update state in memory (no persistence) — if you need historical state, implement safe storage; (3) pip packages run code on install — installing feedparser from PyPI is common, but you may prefer to review or pin the dependency version; (4) the curl|grep example is brittle and may not correctly parse XML/HTML — prefer using the Python feedparser code for production. If you want stronger isolation, run the skill or its dependencies in a sandboxed environment.
Review Dimensions
- Purpose & Capability (ok): Name and description describe RSS/Atom monitoring; the only dependency is feedparser and the provided Python sample implements feed parsing, update detection, and basic filtering — all coherent with the stated purpose.
- Instruction Scope (ok): SKILL.md instructs installing feedparser and shows explicit Python logic plus a simple curl example. Instructions do not request unrelated files, environment variables, or transmit data to unexpected endpoints. The curl/grep example is simplistic and brittle but not out-of-scope.
- Install Mechanism (ok): No install spec beyond advising `pip install feedparser` (a standard PyPI dependency). No arbitrary downloads or archive extraction; low install risk.
- Credentials (ok): The skill requires no environment variables, credentials, or config paths. Requested access is proportional to monitoring feeds over the network.
- Persistence & Privilege (ok): Skill is not always-on and does not request elevated persistence or modify other skills/configurations. The provided sample stores last_check in-memory (no persistent storage), which is a functional detail rather than a privilege escalation.
