
ClawScan security

ai-news-daily-v1.0.4 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 3, 2026, 1:26 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly matches an RSS/news-aggregator purpose, but there are multiple inconsistencies (version/summary-length claims, missing referenced files, and ambiguous auto‑cron behavior) that warrant caution before installing.
Guidance
This package looks like a plausible AI-news aggregator, but there are several inconsistencies you should resolve before installing or enabling it to run autonomously:

- Version/behavior mismatch: SKILL.md and manifest report different versions and different summary-length targets (SKILL.md: 400–500 Chinese characters; code/config: 200–250). Decide which behavior you expect.
- Missing file: run.sh and documentation reference src/push.py, but push.py is not in the package. Verify how push/cron registration is implemented and whether automatic scheduling actually occurs.
- Auto-cron: the skill claims to create an OpenClaw scheduled task. Ask for the exact code path that registers the cron job (or inspect the remainder of daily_fetch.py) before allowing automatic invocation.
- Env vars: translator and push features read TELEGRAM_*/DISCORD_WEBHOOK_URL/TRANSLATE_* from environment. Only provide credentials you trust and are prepared to allow the skill to use; if you won't use push features, leave those env vars unset.
- Data persistence: the skill saves raw article content to data/news.db and writes data/openclaw_message.txt. If sensitive content could appear in fetched pages, review retention and file permissions.
- Network activity: the skill will fetch many external RSS/HTTP endpoints and call translation services (MyMemory/Baidu/DeepL). If you require network isolation, run in a controlled environment first.

Recommendation: review the complete daily_fetch.py (the provided snippet was truncated) and confirm where cron registration and push logic live. If you cannot verify the auto-scheduling/push implementation, run the skill manually (./run.sh or python3 src/daily_fetch.py in an isolated/test environment) and inspect created files/logs before enabling autonomous scheduled runs.

Review Dimensions

Purpose & Capability
note: The name/description (daily AI news aggregator, translation, summarization, scheduled push) matches the included code and dependencies (requests, feedparser, trafilatura, etc.). Requested capabilities (translation, Telegram/Discord push) are implemented via optional env vars. However, metadata and docs claim 400–500 Chinese character summaries while code/config default to 200–250, and the published version strings in SKILL.md/_meta.json/registry differ, indicating sloppy packaging/version drift.
Instruction Scope
concern: SKILL.md instructs installation and says the skill will 'automatically create an OpenClaw scheduled task' when running daily_fetch.py. The provided files show writing to data/, creating a SQLite DB, fetching many external RSS URLs, and calling translation APIs (which is expected), but there is no push.py in the manifest (run.sh and SKILL.md mention python3 src/push.py), and the truncated daily_fetch.py doesn't clearly show code that registers an OpenClaw cron job. The instructions also reference environment variables (TELEGRAM_*, DISCORD_WEBHOOK_URL, TRANSLATE_API_KEY) that are not declared in metadata; they appear optional in code but are used if present. This combination (missing referenced script + unclear auto-cron behavior + undocumented env use) is a behavioural inconsistency to verify.
Install Mechanism
ok: There is no remote install step; it's an instruction- and code-only skill with a requirements.txt. Dependencies are standard Python libs for web scraping and parsing. No downloads from arbitrary URLs or extract/install steps are present in the package.
Credentials
note: The skill does not declare required env vars in registry metadata, but the code reads optional TELEGRAM_BOT_TOKEN, TELEGRAM_CHANNEL_ID, DISCORD_WEBHOOK_URL, TRANSLATE_API_KEY, and TRANSLATE_SECRET_KEY. These env vars are proportionate to push/translation features, but the mismatch between declared requirements (none) and actual optional env reads should be noted so users don't accidentally provide broad credentials without realizing why.
Persistence & Privilege
note: always:false (normal). The skill advertises creating a scheduled OpenClaw job to auto-push daily at 9:00. Auto-scheduling is expected for a daily-push skill, but the implementation for creating the cron job is not obvious in the provided files (and a referenced push.py is missing). Confirm how/when the cron job is registered before allowing autonomous runs.