Skill v1.0.5

ClawScan security

newsnow-reader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 9, 2026, 10:31 AM)

Verdict: benign
Confidence: medium
Model: gpt-5-mini

Summary
The skill's code and instructions match its description (fetching and formatting hot news from multiple Chinese platforms) and do not request credentials or privileged system access, but it performs broad network scraping and uses cookie-generation/auto-login heuristics that may be unreliable or undesired in sensitive environments.

Guidance
This skill appears to do what it says: run the included Python scripts to fetch and format hot news. Before installing or running it:
1) Be aware it will make outbound HTTP requests to multiple third‑party domains (Weibo, Zhihu, Baidu, Douyin, WallstreetCN, Toutiao, ThePaper).
2) The fetchers generate or obtain cookies automatically (fake Weibo cookies, auto‑fetch Douyin Set-Cookie) — this may be unreliable, could trigger anti‑scraping protections, and may violate some sites' terms of service.
3) Run in an isolated environment or a machine without sensitive network access if you are concerned about outbound traffic.
4) If you need auditability, review the full fetch_news.py (ensure there are no hidden endpoints) and test with rate limits and timeouts.
5) If you expect production reliability, plan for handling site API/HTML changes and legal/ToS considerations for scraping.

Review Dimensions

Purpose & Capability
ok: The name/description (read real‑time hot news from 8 platforms) aligns with the included scripts: fetch_news.py implements per‑platform fetchers and format_news.py formats output. No unrelated env vars, binaries, or install steps are requested.

Instruction Scope
note: SKILL.md tells the agent to run the provided Python scripts, which make outbound HTTP requests to the listed news platforms. That is within the declared purpose, but the instructions and code explicitly generate fake Weibo cookies, automatically request login.douyin.com to collect Set-Cookie headers, and otherwise perform scraping. These are network‑heavy operations and may have side effects (rate limits, anti-bot triggers). The skill does not read local files or environment variables beyond what the scripts need.

Install Mechanism
ok: There is no install spec; this is an instruction+script bundle. No third‑party packages or remote downloads are requested, and the code uses only the Python standard library as claimed.

Credentials
note: The skill requests no credentials or env vars (consistent). However, it claims to 'automatically generate' cookies and to auto‑obtain Douyin session cookies — this is a behavior that could be misleading (it does not require or ask for user secrets but simulates/collects cookies from remote endpoints). No cross‑service credentials are requested.

Persistence & Privilege
ok: The skill is not always-enabled and requests no persistent system privileges. It does not modify other skills or system configs. Autonomous invocation is allowed (platform default) but not combined with unusual privileges.