Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
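Tech News Daily
v0.2.2
Tech News Daily skill. Compiles each day's trending tech news and generates a report. Triggered when the user says "Tech News Daily" (科技新闻日报), "compile today's tech news" (整理今日科技新闻), "generate the tech news hot list" (生成科技新闻热榜), "tech-news-daily", "TechNews-Daily-Report", or a similar expression. Features include: (1) searching tech/AI news from the past 7 days with the Tavily search engine; (2) by relevance...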
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (daily tech news aggregation + Feishu sync + local markdown) aligns with the instructions: Tavily searches, de-duplication, scoring, write local file, create/write Feishu doc. Nothing requested (no unusual binaries or unrelated cloud creds) appears out of scope for a news-aggregation skill.
Instruction Scope
Instructions are specific and constrained to searching (tavily_search), merging/deduping, scoring, writing a local markdown file (memory/YYYY-MM-DD-tech-news.md), and creating/writing a Feishu doc. This scope is appropriate for the stated purpose. Points to note: the skill instructs use of sessions_spawn (subagent) for long-running tasks and explicitly writes to a local 'memory' path — ensure you understand where that memory is stored/accessible. The SKILL.md and references include concrete example node/doc tokens and a numeric space_id which could be real or sample values; if real, they are sensitive because they identify/target a particular Feishu space.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written by an installer.
Credentials
The skill declares no required env vars or primary credential, yet it expects to call Tavily and Feishu actions and to supply owner_open_id/folder_token/doc_token in runtime calls. That can be fine if the platform provides these connectors, but the references file contains concrete example tokens (space_id = `7621391289904516315`, node_token = `GUQFwzZL2id2kyk1oZ5clyc0nab`, example doc_token) which could be real identifiers or secrets. Embedding or relying on static tokens without clarifying whether they are placeholders is a proportionality concern: the skill will attempt to write to a Feishu space and to the local memory path — confirm which credentials/authorizations are actually used and who controls the destination tokens.
Persistence & Privilege
always:false and normal model invocation. The skill recommends spawning a subagent for long-running tasks, which is reasonable for multi-step collection/report generation. It does instruct writing local memory files and updating a sync record; this is appropriate for a reporting skill but you should verify where 'memory' resides and what permissions are required to create files and to create/edit Feishu docs.
What to consider before installing
This skill appears to do what it says (collect news, dedupe, score, save locally, and create a Feishu doc), but check three things before installing: (1) Confirm whether the example Feishu space/node/doc tokens in references are placeholders. If they are valid tokens, the skill could write to that specific Feishu space — remove or replace them with a clear instruction to request the user's own tokens. (2) Understand where the local 'memory/YYYY-MM-DD-tech-news.md' files will be stored and who/what can read them on your system/agent runtime. If your agent exposes sensitive project info, saved files could leak context. (3) Verify how Tavily and Feishu calls will be authorized on the platform (will they use platform-provided connectors or ask you for credentials?). Only grant the minimum permissions needed (ability to create a doc in your chosen personal space) and avoid giving global account tokens. If the author can clarify that tokens in references are dummy/sample values and that the skill will always ask the user for the owner_open_id/folder_token (or use the platform's per-user connector), the risk is reduced. If you need higher assurance, request that the author remove hardcoded tokens from the references file and document exactly which permissions are required and where files are stored.
Like a lobster shell, security has layers — review code before you run it.
