Skill v1.0.1

ClawScan security

newsnow · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 5, 2026, 8:57 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's behavior matches its description (fetching trending news) but provenance is unclear (no source/homepage) and the runtime relies on npx/npm (remote code execution) without an explicit install spec, which is a notable risk.
Guidance
The skill appears to do what it says, but exercise caution before running it: the SKILL.md expects you to run 'npm install' or 'npx newsnow' which will fetch and execute code from npm. Because there is no source repository or homepage listed, you cannot easily audit the package beforehand. Before installing or running: (1) prefer a package with a linked repository/homepage and inspect its code; (2) run npx/npm commands in a sandbox/container or isolated environment; (3) only provide PRODUCTHUNT_API_TOKEN if you trust the package; and (4) consider reaching out to the publisher or searching the npm registry for the package name and publisher reputation. These steps reduce risk from untrusted runtime code execution.

Review Dimensions

Purpose & Capability
ok
The named sources, commands, and the single env var (PRODUCTHUNT_API_TOKEN) line up with a CLI that fetches trending news from many platforms. The declared functionality is internally consistent with the listed sources.
Instruction Scope
note
SKILL.md instructs the agent to run the 'newsnow' CLI (or use 'npx newsnow') and only references PRODUCTHUNT_API_TOKEN; it does not request unrelated files, secrets, or system paths. However, using npx means the agent will fetch and execute code from the npm registry at runtime, which expands the skill's effective surface beyond the static instructions.
Install Mechanism
concern
There is no install spec in the registry entry; the README tells users/agents to use npm or npx. npx will fetch and execute a package from the public npm registry on demand — this can run arbitrary code. Combined with the skill having no homepage/source to validate provenance, this is a notable installation risk.
Credentials
ok
Only one environment variable is mentioned (PRODUCTHUNT_API_TOKEN), which is appropriate for the Product Hunt source. No unrelated credentials or broad environment access are requested.
Persistence & Privilege
ok
The skill does not request permanent presence (always:false) and does not modify other skills or system-wide config. It appears not to require elevated persistence or privileges.