ClawHub

Global Nuclear Brief

v0.1.0

Generate a grounded nuclear energy policy brief from live news using Apify + Contextual.

0· 95·0 current·0 all-time
by@ab-naidu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim live news + grounded generation using Apify and Contextual; the included script calls Apify and Contextual APIs directly and requires APIFY_API_TOKEN and CONTEXTUAL_API_KEY — this is coherent. Minor metadata inconsistency: registry summary lists 'Required env vars: none' while SKILL.md and the script require two env vars.
Instruction Scope
SKILL.md instructs the agent to run the bundled python script with CLI args and explicitly cautions against shell interpolation. The script only: calls Apify to fetch news, normalizes items, posts them to Contextual for generation, and prints the result. It does not read unrelated local files, exec shell commands, or contact unexpected endpoints.
Install Mechanism
No install spec is provided (lowest risk). A single Python file is bundled and run with the system python3 binary. No downloads, extracted archives, or external installers are invoked by the skill.
Credentials
The script requires APIFY_API_TOKEN and CONTEXTUAL_API_KEY which are directly used to authenticate requests to Apify and Contextual respectively; no other credentials or unrelated environment variables are requested. Ensure those tokens are scoped and revocable.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system settings. It runs on demand (user-invocable) and uses default autonomous invocation settings.
Assessment
This skill appears coherent, but check these before installing: (1) Supply only scoped APIFY_API_TOKEN and CONTEXTUAL_API_KEY and ensure they can be revoked; (2) Be aware all fetched article text and metadata are sent to Contextual — don’t use secrets or non-public content in queries if you wish to avoid sharing; (3) Confirm you trust the Contextual provider’s handling/logging policies; (4) Note the registry metadata incorrectly states no required env vars — rely on SKILL.md and the script which do require tokens; (5) Run the script in a test environment first and inspect the output and network traffic if you need extra assurance.

Like a lobster shell, security has layers — review code before you run it.

latestvk97924yc9prt53wbpg8fgg1zzh83kmq4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
ConfigAPIFY_API_TOKEN, CONTEXTUAL_API_KEY

Comments