Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawfeed
v0.1.0 · AI-powered tool generating structured news summaries from Twitter and RSS feeds with digest options for 4H, daily, weekly, and monthly intervals.
⭐ 1· 1k·4 current·4 all-time
by @94w666
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (Twitter + RSS digest) align with the files and endpoints described in SKILL.md (digest endpoints, templates, curation rules). However, SKILL.md does not document how Twitter feeds are ingested: no Twitter API keys and no scraping approach are described, which leaves an unexplained gap for the advertised capability.
Instruction Scope
Runtime instructions are limited to standard Node project steps (npm install, copying .env, npm start) plus references to local config and template files and an SQLite DB path. The instructions do not ask the agent to access system files or credentials outside the project, but they do require editing .env and config files inside it.
Install Mechanism
This is an instruction-only skill that tells you to run `npm install`, which fetches packages from the npm registry and runs any install-time lifecycle scripts they declare. The README specifically lists a native addon dependency (better-sqlite3), which may compile native code during install. Because the skill bundle contains no packaged code and no package.json to inspect here, running the install pulls unreviewed third-party code and executes native build steps: a moderate risk.
Credentials
The registry lists no required env vars or credentials, while SKILL.md documents optional env vars (GOOGLE_CLIENT_ID/SECRET, SESSION_SECRET, API_KEY) for auth/write features. Those variables are plausible and proportional to the features. The one minor inconsistency: the description claims 'zero credentials' for read-only mode, while the doc then lists several optional secrets for extended features. That is reasonable but worth noting.
Persistence & Privilege
The skill does not request always:true or system-wide privileges. It runs a local API server and writes a local SQLite DB (`data/digest.db`) — expected for this app. It does not declare modifications to other skills or global agent settings.
What to consider before installing
This is an instruction-only Node.js project, not a packaged binary. Before installing or running it:
(1) Inspect the project's package.json and package-lock.json (or yarn.lock) to see exact dependency names and versions.
(2) Verify how Twitter feeds are obtained (look for Twitter API client usage or scraping code); if it relies on the Twitter API, expect additional credentials.
(3) Run npm install and the service inside an isolated environment (container or VM), because npm packages, especially native addons like better-sqlite3, run code during install.
(4) If you enable auth/write features, set a strong SESSION_SECRET and API_KEY and restrict ALLOWED_ORIGINS.
(5) Review templates and curation rules to ensure no accidental data exfiltration.
(6) Avoid running this on sensitive hosts until you have audited dependencies and the source code.
If you can obtain the full repository (package.json + code) and a list of dependency versions, re-run this evaluation; that would raise confidence.
Like a lobster shell, security has layers — review code before you run it.
latest: vk977jn7qe2rey73t22p6hnyxzh81v4mk
