Auto news podcast
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill’s news-podcast purpose is coherent, but it can read local OpenClaw/API credential configuration and run an undeclared external helper skill, so users should review it before installing.
Before installing, confirm you are comfortable with the skill reading OpenClaw model/API configuration and calling third-party search, image, model, and TTS providers. Use limited-scope API keys where possible, monitor provider usage/costs, and review or disable the undeclared autoglm image-helper fallback if you do not trust that separate local skill.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
User keywords, generated prompts, or news text may be sent to third-party services during normal use.
The skill intentionally calls external search and text-to-speech providers as part of the news podcast workflow.
Tavily Search → Baidu Search → Tavily API Retry → News Aggregator ... CellCog → edge-tts → System TTS
Avoid sensitive/private keywords and review the provider accounts, costs, and data-handling terms before use.
The skill may use local model/provider credentials and potentially incur account usage or expose broader account authority than users expect from the registry metadata.
The script reads the local OpenClaw configuration and model provider API-key settings, including resolving environment-variable based keys.
config_path = os.path.expanduser('~/.openclaw/openclaw.json') ... 'api_key': provider_config.get('apiKey') ... env_key = os.environ.get(api_key)Install only if you are comfortable with this skill using OpenClaw provider credentials; prefer restricted API keys, clear provider selection, and explicit credential/config-path declarations.
Cover-image generation could run code from an undeclared external skill with separate provenance and permissions.
The image fallback can execute a script from another locally installed skill if present, but that dependency is not declared in the install metadata.
autoglm_skill = os.path.expanduser('~/.agents/skills/autoglm-generate-image') ... subprocess.run([sys.executable, script_path, '--prompt', prompt, '--output', output_path]Declare and pin any helper-skill dependency, require explicit user opt-in before invoking it, or remove the automatic cross-skill execution path.