Skill v1.0.0

ClawScan security

ai-newsletter-chn-for-hermes · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 29, 2026, 8:55 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions match its stated purpose (building a daily AI newsletter) but the SKILL.md requires two third‑party API keys that are not declared in the registry metadata — this inconsistency and the fact that fetched page contents will be sent to external services warrant caution.
Guidance
Before installing or enabling this skill: (1) Confirm the registry metadata is updated to list BRAVE_API_KEY and FIRECRAWL_API_KEY — the SKILL.md requires them. (2) Only provide API keys you trust and that are scoped appropriately; understand that search queries and fetched page contents will be sent to those third‑party services (check their privacy and retention policies). (3) Ask the author how fetched article content is handled/stored and whether summaries are generated locally or sent to another model service (SKILL.md mentions summary_model='host-default' but is vague). (4) If you cannot verify the Brave/Firecrawl endpoints or do not want external services to receive fetched content, do not install. (5) If you proceed, prefer short‑lived or limited‑scope keys and monitor usage/billing for those services.

Review Dimensions

Purpose & Capability
note · The skill's runtime instructions (search, fetch, verify, summarize) align with a news‑newsletter generator. It requests the web_search and web_fetch toolsets and describes plausible inputs/outputs. However, the declared registry metadata lists no required environment variables while SKILL.md explicitly requests BRAVE_API_KEY and FIRECRAWL_API_KEY — a metadata/instruction mismatch.
Instruction Scope
note · SKILL.md stays within the newsletter scope: it performs web searches, fetches pages, verifies and summarizes articles, and returns markdown/JSON. It does not instruct reading local files or touching unrelated system state. It does, however, rely on external search/fetch services (Brave, Firecrawl), so query strings and fetched content will be transmitted to those providers; that network activity is expected but should be made explicit to users.
Install Mechanism
ok · This is an instruction‑only skill with no install spec and no code to download or write to disk. That minimizes install‑time risk.
Credentials
concern · SKILL.md requests two API keys (BRAVE_API_KEY and FIRECRAWL_API_KEY). These credentials are relevant to the web search/fetch functionality, so the keys themselves are proportionate — but the registry metadata omits them entirely. Requiring third‑party keys means user queries and fetched article content will be sent to external services; users should consider the privacy, billing, and scope of those keys. The metadata/instruction mismatch is a red flag for a packaging error or an omission in how credentials are handled.
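The mismatch flagged here and in Guidance step (1) is mechanical enough to check before installing: collect every environment-variable-style token the SKILL.md body asks for, compare it with the env list the registry metadata declares, and list the external hosts the instructions point at. The script below is an added illustration of that check, not ClawHub's scanner code; the SKILL.md text and the `requires.env` metadata shape are constructed for the example, and the endpoint URLs in the sample are assumed, not taken from the skill.

```python
"""Compare the env vars a SKILL.md asks for against the env vars the
registry metadata declares.  Added example, not ClawHub's scanner."""
import json
import re

# Constructed SKILL.md, modelled on this scan's findings (URLs assumed).
SAMPLE_SKILL_MD = """---
name: ai-newsletter-chn-for-hermes
description: Build a daily AI newsletter.
---
# Daily AI newsletter

Set BRAVE_API_KEY for web_search and FIRECRAWL_API_KEY for web_fetch.
Fetch candidate URLs with https://api.firecrawl.dev/v1/scrape and search
via https://api.search.brave.com/res/v1/web/search.
Summaries use summary_model='host-default'.
"""

# Constructed registry metadata: the scan reports no declared env vars.
SAMPLE_METADATA = {"requires": {"env": []}}

# SCREAMING_SNAKE_CASE tokens with at least one underscore, e.g. BRAVE_API_KEY.
ENV_VAR = re.compile(r"\b[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+\b")
URL = re.compile(r"https?://[^\s'\")>]+")
# Upper-case tokens that look like env vars but are not.
IGNORE = {"SKILL_MD", "README_MD"}


def split_frontmatter(text):
    """Return (frontmatter, body); frontmatter is '' when there is none."""
    if text.startswith("---"):
        end = text.find("\n---", 3)
        if end != -1:
            return text[3:end], text[end + 4:]
    return "", text


def referenced_env_vars(body):
    """Env-var-looking tokens the instructions ask the user to set."""
    return {tok for tok in ENV_VAR.findall(body) if tok not in IGNORE}


def external_hosts(body):
    """Hosts of every URL the instructions mention (data leaves to these)."""
    return {url.split("/")[2].lower() for url in URL.findall(body)}


def audit_skill(skill_md, metadata):
    """Flag env vars SKILL.md needs that the metadata does not declare."""
    _, body = split_frontmatter(skill_md)
    declared = set(metadata.get("requires", {}).get("env", []))
    referenced = referenced_env_vars(body)
    undeclared = referenced - declared
    return {
        "undeclared_env": sorted(undeclared),
        "unused_declared_env": sorted(declared - referenced),
        "external_hosts": sorted(external_hosts(body)),
        "verdict": "mismatch" if undeclared else "consistent",
    }


if __name__ == "__main__":
    print(json.dumps(audit_skill(SAMPLE_SKILL_MD, SAMPLE_METADATA), indent=2))
```

Run on the sample, the audit reports both keys as undeclared and names the two hosts that will receive queries and fetched page content; a "consistent" verdict on a real skill only means the packaging agrees with the instructions, not that sending content to those hosts is acceptable for your data.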
Persistence & Privilege
ok · The skill is not set to always: true, has no install actions, and does not request system config paths or other skills' credentials. It does not request persistent system privileges.