ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

daily-news-english-cards

v1.0.0

Generate daily bilingual English learning cards with vocabulary, summaries, and AI-created comic illustrations from the latest news in politics, finance, spo...

0· 27·0 current·0 all-time
by@jasonruan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with required APIs and the bundled script: Tavily for news, DeepSeek for text-generation, OpenRouter for images. Required packages in requirements.txt and SKILL.md match the stated functionality.
!
Instruction Scope
SKILL.md instructs to set three API keys and run the generator script, which is consistent. However, the script's _load_dotenv() will search for and load a .env file from the script parent directories and the current working directory and inject any key=value pairs into the environment if the key is not already set. That means it may read unrelated secrets from the user's filesystem (e.g., other tokens in a repo-level .env). The SKILL.md does not warn about this behavior.
!
Install Mechanism
There is no formal install spec, but the script auto-installs missing Python packages via subprocess.check_call([sys.executable, '-m', 'pip', 'install', ...]) at runtime. Auto-installing packages without an explicit install step can modify the environment unexpectedly and pulls code from package indexes at runtime. The packages themselves are common (tavily-python, openai, Pillow, requests), but runtime pip installs raise risk and surprise.
Credentials
The three required environment variables (TAVILY_API_KEY, DEEPSEEK_API_KEY, OPENROUTER_API_KEY) are appropriate for the stated services. However, because the script will load .env files and populate os.environ for any keys found, it can introduce additional environment variables that were not declared or intended by the skill. That increases the attack surface if sensitive keys exist in those files.
Persistence & Privilege
The skill is not always-enabled and does not declare persistent elevated privileges. It writes outputs to an output/ directory and caches fonts under ~/.cache/news-cards-fonts, which is reasonable for a generator script. It does not modify other skills' configs.
What to consider before installing
This skill appears to implement its advertised functionality, but exercise caution before running it. Key considerations: - Review the generate_cards.py source yourself (it was included) and confirm you trust calls to external APIs (Tavily, DeepSeek, OpenRouter). - The script will auto-install missing Python packages at runtime; run it in a controlled environment (virtualenv, container) so installs don't affect your system Python. - The script auto-loads a .env file from parent folders or the cwd and injects any key=value pairs into the environment if not already set. That can cause unrelated secrets to be used unintentionally — inspect any .env files in the repository tree before running, or delete/rename them. - Provide only the API keys required for the services; avoid placing other sensitive credentials in .env files accessible to this script. - If you want lower risk, set the three required env vars explicitly and run the script in an isolated environment; consider removing or modifying the .env-loading behavior before use. If you want, I can point to the exact lines that implement .env loading and runtime pip installs so you can patch or sandbox them.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fcrv43vxm8m9213y2z10yhs844tgf

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments