Daily Briefing
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its daily-briefing purpose, but it uses unsafe shell command construction and includes a recurring email example to a hard-coded outside address.
Only install or run this after reviewing the scripts. Use the default city or trusted city values until the shell command construction is fixed, and do not copy the README cron email example unless you replace the recipient with your own and intentionally approve recurring email delivery.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted city value could make the local machine run commands beyond fetching weather.
The exported weather function accepts a city value and interpolates it directly into a shell command. If an agent or caller passes a malicious city string, shell metacharacters could execute unintended commands.
const { execSync } = require('child_process');
// The city value is interpolated unescaped into a shell string, so shell metacharacters in it are interpreted by the shell.
const cmd = `curl -s 'wttr.in/${city}?format=j1' 2>/dev/null || echo '{}'`;
const output = execSync(cmd, { encoding: 'utf8', timeout: 10000 });

Replace shell-string execution with a safer HTTP client or execFile/spawn with argument arrays, and validate or encode the city value.
If copied into a scheduled task, the user's agent could repeatedly send the generated briefing to an unintended outside recipient.
The cron integration example tells the agent to send generated content through another email skill to a specific hard-coded email address, without clearly warning users to replace or approve that recipient.
await sendEmail({
  to: 'caoyachao@sohu.com',
  subject: '【定时任务通知】' + new Date().toLocaleDateString('zh-CN'),
  text: generatedContent
});

Remove the hard-coded address, require the user to provide their own recipient, and require explicit approval before enabling email delivery.
The skill may require local dependency installation that is not captured by the registry metadata.
The skill includes npm dependency requirements even though the registry install section says there is no install spec. This is a setup/provenance gap rather than direct malicious behavior.
"dependencies": {
  "cheerio": "^1.2.0"
}

Verify dependency installation from trusted sources and prefer pinned, locked versions before running the scripts.
