Skill v1.2.0

ClawScan security

Rss To Social · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (Apr 20, 2026, 8:59 AM)
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's README and metadata promise direct posting and multi-service integrations, but the included code only fetches feeds, generates posts locally, and prints them. Several claimed features and some env vars are not implemented or documented, so the package is inconsistent with its description.

Guidance
This package appears to be an incomplete implementation: it will fetch RSS feeds, create post text, and print posts locally, but it does not actually post to Twitter/LinkedIn or integrate with Buffer/Hootsuite/Telegram despite claiming to do so. Before installing or providing any API credentials:
1) Review the script and confirm whether you need the actual posting capability. The current script does not use TWITTER_* or LINKEDIN_ACCESS_TOKEN.
2) If you plan to enable real posting, update the code to perform authenticated API calls securely (avoid hardcoding secrets) and review rate limits/permissions.
3) Note that the script writes posted.json to .rss-to-social (or to RSS_TO_SOCIAL_DATA_DIR if you set it). Consider using an isolated workspace, and back up or remove that file if needed.
4) Do not provide social account API keys until you have verified the code path that uses them and tested with a safe/test account.
5) If you expect fully automated posting, ask the publisher for a version that implements and documents the posting integrations (or add the functionality yourself). The current mismatch between docs and code is why this is flagged suspicious.

Review Dimensions

Purpose & Capability
concern: The skill claims automatic publishing to Twitter/LinkedIn, Buffer/Hootsuite integration, a Telegram approval workflow, and OpenClaw publishing, but the provided script only fetches feeds, generates post text, prints output, and marks items as posted locally. The required binaries and declared required env vars (RSS_FEED_URLS, SOCIAL_PLATFORMS) are appropriate, but many advertised capabilities are missing from the code.
Instruction Scope
concern: SKILL.md instructs users to set optional API credentials (TWITTER_*, LINKEDIN_ACCESS_TOKEN) and describes approval/publishing workflows, but the runtime instructions and the Python script do not use those API credentials or implement posting/approval logic. The script also reads an undocumented env var (RSS_TO_SOCIAL_DATA_DIR) and writes .rss-to-social/posted.json; SKILL.md partly documents the .rss-to-social/posted.json path but does not mention the alternate env var.
Install Mechanism
note: No install spec is provided (instruction-only), but a requirements.txt exists listing feedparser. That is low risk, but there is no automated install step in the package, so users must install the Python dependencies themselves. No external downloads or obscure URLs are used.
Credentials
note: The declared required env vars (RSS_FEED_URLS, SOCIAL_PLATFORMS) match the core functionality. The README lists optional API tokens for Twitter/LinkedIn, which is reasonable for a posting feature, but those tokens are not consumed by the included script, which is an inconsistency. The script uses an additional env var (RSS_TO_SOCIAL_DATA_DIR) that is not documented in SKILL.md.
Persistence & Privilege
ok: No elevated privileges are requested, and always is false. The skill stores a posted history in a local directory (.rss-to-social by default), which is expected behavior for deduplication and does not affect other skills or system-wide settings.