Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SkillMetricScraper
v1.3.0
OpenClaw Skills Weekly — tracks trending ClawHub skills, generates GitHub Awesome-style YouTube video scripts with two-track ranking (Movers + Rockets).
⭐ 0 · 363 · 0 current · 0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's stated purpose (ClawHub discovery, ranking, script generation) matches the code: discovery, ranking, harvesting, and Anthropic-based script generation are implemented. However, the declared registry metadata is incomplete: the package uses the GitHub CLI ('gh') via subprocess in project_tracker.py and expects pip packages (httpx, dotenv, etc.), but the registry 'required binaries' only lists python3 and there is no install spec. That mismatch between declared requirements and actual dependencies is an incoherence.
Instruction Scope
Runtime instructions and code perform network operations across multiple external services: ClawHub API, GitHub (API/raw), Anthropic (Claude via ANTHROPIC_API_KEY), and community sources (X/Twitter, Reddit). project_tracker.py calls the 'gh' CLI without declaring it or passing an explicit token, which means it will use any gh-authenticated user credentials on the host. The skill writes a local SQLite DB and output files under user/home or container paths. These actions are within the broad purpose, but the implicit use of host GitHub auth (and the potential for additional captures via x_capture/reddit_capture) expands the attack surface beyond what the minimal declared requirements suggest.
Install Mechanism
The registry lists no install spec (instruction-only), but SKILL.md instructs pip install -r requirements.txt and the repository contains requirements.txt and multiple Python modules that import third-party libraries (httpx, python-dotenv, anthropic client likely). There is no automated vetting or pinned-install mechanism declared; this manual-install pattern increases risk if users install packages without review. No downloads from untrusted URLs were seen in provided files.
Credentials
The declared required env var (ANTHROPIC_API_KEY) is proportionate for LLM-based script generation. Optional env vars (GITHUB_TOKEN, XAI_API_KEY, CLAWHUB_BASE_URL) are reasonable. However, project_tracker uses the 'gh' CLI which will use any gh auth the host user has configured (without needing GITHUB_TOKEN env), effectively giving the skill access to host GitHub credentials not declared in requires.env. That implicit credential usage is disproportionate to a simple trending/reporting skill and should be made explicit or disabled by default.
Persistence & Privilege
The skill does create and write a local SQLite DB and output files under per-user data directories (or a container workspace). It does not request 'always: true', does not modify other skills' configs, and does not request elevated OS privileges. File writes are expected given the purpose.
What to consider before installing
This skill appears to implement the described ClawHub snapshot → rank → harvest → script pipeline, but there are several mismatches and implicit behaviors you should review before installing:
1) Check requirements.txt and inspect third-party packages before running pip install; run installs in an isolated environment (virtualenv/container).
2) The project_tracker uses the 'gh' CLI (subprocess.run) and will use whatever GitHub credentials the host's gh CLI provides — if you don't want the skill to access your GitHub account, avoid installing or run with --skip-meta / remove project_tracker.
3) If you care about limiting network exposure, run with flags to skip X/Twitter and GitHub capture (e.g., --skip-x, --snapshot-only) and test in --mock mode first.
4) Only provide ANTHROPIC_API_KEY (and any other API keys) with least privilege and consider using ephemeral/test keys.
5) Review where the DB and output files are written (default: ~/.local/share/skills-weekly or container workspace) and ensure that path is acceptable.
If you need this skill, prefer running it in a dedicated container or VM and inspect/lock down any CLI tools (gh) or credentials on the host.
Like a lobster shell, security has layers — review code before you run it.
Tags: analytics, latest, reddit, remotion, time-series, trending, youtube
Runtime requirements
Bins: python3
Env: ANTHROPIC_API_KEY
