Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (subscribe to public account feeds and fetch raw articles for daily digests) match the instructions: all examples call a documented API to create channels, subscribe bundles, add sources, and fetch articles. Required binaries (curl, jq) are appropriate for the shown commands.
Instruction Scope
SKILL.md contains only HTTP curl examples against the stated API and no steps that read local files, environment secrets, or other system state. It instructs posting feed URLs and fetching article lists — behavior aligns with the stated purpose.
Install Mechanism
This is an instruction-only skill with no install spec or code files. No files will be written to disk and nothing is downloaded or executed beyond using curl/jq at runtime.
Credentials
The skill requires no credentials (no env vars). This is coherent, but also means requests (including posted feed URLs and retrieved article content) will go to api.plotlake.com without explicit authentication — users should understand that feed URLs and article content will be transmitted to that third party.
Persistence & Privilege
The skill does not request always:true, does not alter other skills, and contains no installation steps that modify agent/system configuration. Autonomous invocation is allowed by default (platform behavior) but there is no additional privilege escalation requested.
Assessment
This skill behaves as a thin client that talks to https://api.plotlake.com using curl. Before installing, confirm you trust that service: any feed URLs and retrieved article content will be transmitted to that endpoint (there is no auth described). Avoid submitting private/internal URLs or confidential content. If you require stronger privacy guarantees, ask whether the project supports authentication, encryption beyond HTTPS, or a self-hosted instance; verify the GitHub homepage and the API domain match an official project and review its privacy documentation. If unsure, test with non-sensitive public feeds first and monitor network traffic (or use a proxy) to confirm what is sent/received.Like a lobster shell, security has layers — review code before you run it.
latestvk97077d4n6exf5xyagwr72vy8n83d0nm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
Any bincurl, jq