Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Podcast to Substack

v1.0.0

Publish podcast episodes from RSS and Notion to Substack with Apple Podcasts embeds and images, then generate LinkedIn-ready companion posts.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (publish podcast episodes from RSS + Notion to Substack and generate LinkedIn posts) aligns with the included scripts: fetch_rss.py, fetch_notion_episode.py, render_linkedin_post.py, and a small shell helper for Apple Podcasts. Nothing in the code asks for unrelated cloud provider credentials or system-level access. However, the skill metadata lists no required environment variables, while the SKILL.md and the Notion fetcher explicitly require a NOTION_API_KEY and fall back to ~/.config/notion/api_key; Substack/LinkedIn publish access is noted as an input but not declared in the registry. That mismatch between declared requirements and actual operations is a proportionality/information gap.
Instruction Scope
The SKILL.md contains explicit, narrow runtime steps (run fetch_rss, run fetch_notion_episode, which recursively traverses Notion blocks and downloads images, build/publish via the Substack playbook, render the LinkedIn post). These steps stay within the stated publishing/cross-posting scope. Caveats: the instructions reference reading a local Notion API key file (~/.config/notion/api_key) and downloading images to local disk; they also leave posting/queuing to LinkedIn and publishing to Substack as manual/unspecified steps (credentials/automation details for Substack/LinkedIn are not documented). The scripts will open network connections to Notion and to image URLs; this is expected but should be acknowledged.
Install Mechanism
There is no install spec (instruction-only install), so nothing is written to disk at install time beyond the included scripts. One script (fetch_rss.py) dynamically pip-installs feedparser if it's missing via subprocess.check_call; that is a runtime install behavior rather than a preinstall step. No downloads from opaque URLs or archive extraction are present.
Credentials
The registry lists no required env vars or primary credential, but the SKILL.md and fetch_notion_episode.py require a Notion API key (NOTION_API_KEY or ~/.config/notion/api_key). The skill also expects 'Substack publish access' and to be able to post/queue LinkedIn content, which implies additional credentials or OAuth tokens that are not declared. Requesting a workspace API key that grants read access to Notion pages is legitimate for the stated purpose, but the omission from metadata is a mismatch and increases risk because the platform/action gate can't surface the needed secrets to the user. Downloads of images from arbitrary URLs (present in page content) are also performed and stored locally; while expected, this means the skill will fetch external content using your system's network egress.
Persistence & Privilege
The skill does not request permanent automatic inclusion (always: false) and does not modify other skills or global agent settings. It writes files (downloaded images, created drafts) into working directories when run, which is normal for this workflow. The agent-autonomous-invocation flag is at its default; that alone is not a concern and is expected for actionable skills.
Scan Findings in Context
[runtime-pip-install-subprocess] expected: fetch_rss.py will run subprocess.check_call to pip-install feedparser if it's missing. This is reasonable for an instruction-only skill but means the script can install Python packages at runtime; consider running in an isolated environment or pre-installing dependencies.
[reads-user-home-config] expected: fetch_notion_episode.py will read NOTION_API_KEY from the environment or from ~/.config/notion/api_key. Accessing a key file in the user's home directory is expected for Notion access, but the registry metadata did not declare this requirement.
[downloads-external-resources] expected: The Notion fetcher downloads image URLs discovered in pages and writes them to local files. Network fetches of arbitrary URLs are expected for image extraction but mean the skill will contact remote hosts and store external content locally.
What to consider before installing
This skill appears to implement exactly the podcast → Substack → LinkedIn workflow described, but the metadata omitted important details. Before installing or running it:
1) Confirm you'll provide a Notion API key (NOTION_API_KEY) and understand that the script will look for ~/.config/notion/api_key as a fallback.
2) Determine how Substack and LinkedIn publishing will be authenticated (this skill does not declare or implement those credentials).
3) Run the scripts in an isolated environment (container or dedicated VM) because they will download images from external URLs and may pip-install feedparser at runtime.
4) Inspect the scripts yourself (they are included) to confirm you are comfortable with network calls to Notion and arbitrary image hosts.
5) If you plan to let an agent invoke this autonomously, add explicit checks or logging for what gets published and which accounts are used.
If you want me to, I can produce a checklist of the exact credentials/configuration to add to the skill metadata and a minimal wrapper to safely sandbox runtime installs and network access.

Like a lobster shell, security has layers — review code before you run it.

Tags: latest · linkedin · notion · podcast · substack
