Miniflux Skill

Review

Audited by ClawScan on May 10, 2026.

Overview

The Miniflux client is mostly coherent, but its README shows a real external Miniflux URL as the default, which could cause your API token and requests to go to the wrong server if copied.

Install only if you intend to let the agent manage your Miniflux account. Before use, set MINIFLUX_URL to your own trusted Miniflux instance, not the README's reader.etereo.cloud example unless that is genuinely your server. Confirm destructive actions such as deleting feeds/categories or marking many items as read, and install the Python dependency in an isolated environment if possible.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If copied as-is, the skill may send API-token-authenticated requests to a server the user did not intend to use.

Why it was flagged

The documentation presents a concrete external URL as the setup value/default instead of a placeholder for the user's own Miniflux instance, while the token is also configured in the same setup flow.

Skill content

export MINIFLUX_URL="https://reader.etereo.cloud" ... `MINIFLUX_URL` | Miniflux base URL | https://reader.etereo.cloud

Recommendation

Replace the README examples/default with a placeholder such as https://your-miniflux-instance.com, and verify MINIFLUX_URL points to your own trusted Miniflux server before setting MINIFLUX_TOKEN.

What this means

The token likely grants access to read and modify your Miniflux account data.

Why it was flagged

The skill uses a Miniflux API token from the environment to authenticate to the configured Miniflux URL, which is expected for this integration.

Skill content

token = os.environ.get('MINIFLUX_TOKEN') ... return miniflux.Client(url, api_key=token)

Recommendation

Store the token securely, use a token intended only for this purpose if possible, and double-check the configured URL before invoking the skill.

What this means

Accidental or autonomous invocation could remove subscriptions/categories or change read/bookmark state.

Why it was flagged

The skill exposes commands that can change or delete Miniflux account data. These operations are disclosed and aligned with the management purpose.

Skill content

`delete-feed` | Delete a feed ... `delete-category` | Delete a category ... `mark-read` | Mark specific entries as read

Recommendation

Review and confirm destructive or bulk-changing commands before running them, especially delete and mark-all-as-read operations.

What this means

A compromised or changed dependency version, or a global install, could affect the local Python environment.

Why it was flagged

The documentation asks the user to install an unpinned third-party Python package, including global/system-style install examples. This is user-directed and expected, but has normal package supply-chain and environment-impact risk.

Skill content

python3 -m pip install --user --break-system-packages miniflux ... uv pip install --system miniflux

Recommendation

Install the dependency in a virtual environment and consider pinning a trusted version of the Miniflux Python client.

What this means

A malicious feed item could try to influence the agent with prompt-injection-style text.

Why it was flagged

The skill can print full article/feed content retrieved from external sources into the agent context. That content is expected for a feed reader, but it may contain untrusted instructions.

Skill content

print(f"\n📝 Full Content:\n{entry['content']}")

Recommendation

Treat feed/article content as untrusted information and do not let it override the user's current instructions.