V2ex Hot Cn

PassAudited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill Name: v2ex-hot-cn Version: 1.0.0 The skill bundle is benign. The `scripts/v2ex_fetch.py` script explicitly uses hardcoded 'mock data' for V2EX topics and does not perform any actual network requests, file system operations, or subprocess executions. While `SKILL.md` declares `curl` as a required binary, the Python script does not utilize it. There are no signs of data exfiltration, malicious execution, persistence, or prompt injection attempts against the agent.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI09: Human-Agent Trust Exploitation

What this means

Users may think they are seeing current V2EX trending posts when the included script is actually returning sample data.

Why it was flagged

The user-facing description says the skill monitors or gets V2EX hot topics, while the implementation explicitly uses simulated hard-coded data. This may make results less reliable than users expect.

Skill content

def get_v2ex_hot(limit=10, node=None):
    """获取 V2EX 热门（模拟数据）"""
    mock_topics = [

Recommendation

Treat the output as sample or demo data unless the skill is updated to clearly fetch live V2EX content and disclose its data source.