Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

News Digest Aggregator - 新闻聚合

v1.0.0

Daily automated news digest that fetches RSS feeds, aggregates articles using LLM summarization, and delivers formatted digests to messaging channels (Discor...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The description and SKILL.md state the aggregator performs LLM-based summarization, but the included script does not call any LLM API or require an LLM API key. The script instead truncates feed summaries extracted from RSS entries. Also, the registry metadata declares no required environment variables or primary credential even though the SKILL.md and script expect channel webhook environment variables (DISCORD_WEBHOOK_URL, SLACK_WEBHOOK_URL, FEISHU_WEBHOOK_URL). These mismatches indicate the manifest, docs, and code are not fully aligned with the stated purpose.
Instruction Scope
SKILL.md instructions are narrowly scoped to editing sources.json, setting webhook env vars, and running the script (manually or via cron). The instructions do not request any system files or unrelated credentials. However, they instruct the user to set channel webhook environment variables (which are required at runtime) while the package metadata lists none — an inconsistency that can mislead non-technical users.
Install Mechanism
There is no formal install spec, but the script attempts to auto-install its required Python packages (feedparser and requests) at runtime by calling pip through os.system. Auto-installing packages on first run is convenient but higher risk: it downloads from PyPI at runtime and executes arbitrary code during installation, without version pinning or verification. This behavior should be documented and hardened (e.g., pinned versions, a requirements.txt, or instructing the user to install dependencies explicitly).
Credentials
The skill needs channel webhook URLs to operate, which is appropriate and proportionate for sending digests. But the registry metadata omits these required env vars (it lists none). This mismatch can cause surprises at runtime (the script exits if no webhook is set). No other unrelated secrets are requested, and the script does not attempt to read other environment variables or sensitive system files.
Persistence & Privilege
The skill does not request persistent presence (always:false), does not modify other skills or system-wide agent settings, and does not embed autonomous background behavior beyond what the agent normally permits. There is no evidence of privilege escalation or persistent credential storage in the provided files.
What to consider before installing
Key things to check before installing/running:

- Understand the real capabilities: the package claims to do LLM summarization but the script does not call any LLM service. If you expect LLM summaries, ask the author for the intended integration or add your own LLM calls (and the corresponding API key handling).
- The registry metadata doesn't declare required env vars; the script requires DISCORD_WEBHOOK_URL, SLACK_WEBHOOK_URL, or FEISHU_WEBHOOK_URL at runtime. Set these only to trusted webhook endpoints.
- The script auto-installs dependencies via pip at runtime (unpinned). Prefer to run pip install yourself in a controlled environment with pinned versions, or request a requirements.txt / explicit install instructions from the author.
- Audit sources.json to ensure you trust the RSS feeds being fetched and that the fetch timeout and article limits meet your expectations.
- If you will run this on a server or schedule it (cron), run it in an isolated environment (container or virtualenv), pin dependencies, and consider adding logging/monitoring.

If you need LLM summarization, require and manage LLM API keys explicitly rather than relying on undocumented behavior. If you want, I can produce a safer requirements.txt, add explicit LLM integration scaffolding, or create a hardened run checklist for deployment.


latest · vk97fgmd1xasbzq0pxav8egz6vx83xq5j
