PULSE Magazine
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill mostly reads PULSE Magazine content, but it also lets an agent post comments under arbitrary author names without clear approval safeguards.
This skill appears safe for reading PULSE reports and articles. Be careful with the comment feature: only allow it when you explicitly want to post text to the PULSE service, and avoid sending private information or using an author name that could misrepresent someone.
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could post a comment to PULSE Magazine under a chosen author name, potentially creating public or reputational impact without the user realizing it.
This code performs a remote POST that can publish a comment using user-supplied author and content fields. The artifacts do not show confirmation, moderation awareness, identity checks, or limits on when an agent may use it.
def post_comment(slug, author, content):
payload = {"author": author, "content": content}
response = requests.post(f"{BASE_URL}/api/v1/articles/{slug}/comments", json=payload)Use the read-only tools freely, but require explicit user approval before invoking comment posting. The skill should clearly label comments as potentially public and constrain or validate author/content values.