Knowledge Harvester

ReviewAudited by ClawScan on May 10, 2026.

Overview

This skill is mostly purpose-aligned, but its privacy wording is misleading because user domain interests are used for external Google News RSS searches and then stored in persistent RAG memory.

Before installing, confirm you are comfortable sending your configured topic interests to Google News RSS and storing generated summaries in persistent RAG memory. Avoid putting sensitive personal interests in `memory/clawforage/domains.md`, and periodically review or delete files in `memory/knowledge/`.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Medium

#ASI09: Human-Agent Trust Exploitation

What this means

A user may believe their configured interests stay local, even though those interests are sent to Google News as search terms.

Why it was flagged

The skill necessarily uses configured domain interests to query Google News RSS, while also telling users those interests are never shared externally.

Skill content

- **Licensed sources only**: Use Google News RSS ... - **Privacy**: Domain interests are personal — never share externally

Recommendation

Revise the privacy language to clearly state that configured domain queries are sent to Google News RSS, and ask users not to include sensitive interests they do not want sent externally.

Low

#ASI06: Memory and Context Poisoning

What this means

Future agent answers may be influenced by harvested summaries, including stale, inaccurate, or low-quality news descriptions.

Why it was flagged

The skill deliberately creates persistent knowledge files from external news content so they can be reused in future RAG retrieval.

Skill content

store summaries in memory for automatic RAG indexing ... Save to `memory/knowledge/{DATE}-{slug}.md`

Recommendation

Review and prune `memory/knowledge/` periodically, keep source attribution, and treat harvested summaries as untrusted reference material rather than authoritative memory.

Info

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

Users have less external context for verifying the maintainer or code history, although the included scripts are visible in the artifact set.

Why it was flagged

The package includes executable shell scripts, but the registry metadata does not provide a source repository or homepage for provenance review.

Skill content

Source: unknown; Homepage: none

Recommendation

Install only if you trust the publisher or have reviewed the bundled scripts; adding a public source repository would reduce provenance ambiguity.