ClawHub

Simple RSS news feed

v1.0.1

Fetch latest news headlines from major RSS feeds (BBC, Reuters, AP, Al Jazeera, NPR, The Guardian, DW).

1· 2k·12 current·12 all-time
by@lknik
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description align with the shipped script: scripts/news.py fetches RSS feeds from the listed news sites. Required binary (python3) is appropriate and no unrelated resources or credentials are requested.
Instruction Scope
SKILL.md instructs running the included Python script which only performs HTTP GETs to configured feed URLs and parses XML; it does not read local files or environment variables. Note: one feed URL uses rsshub.app (a third‑party RSS proxy) — this is expected for the AP feed here but is an extra remote dependency you may want to verify.
Install Mechanism
No install step; the skill is instruction-only with a single included Python script. Nothing is downloaded at install time and no archives or external installers are used.
Credentials
No environment variables or credentials are requested. The script uses an innocuous hardcoded User‑Agent header and standard library network calls—proportionate for fetching RSS.
Persistence & Privilege
The skill is not force-installed (always:false) and does not request persistent system privileges or modify other skills' configuration. Normal autonomous invocation is permitted by the platform but is not excessive here.
Assessment
This skill is coherent and appears to do what it says: fetch RSS headlines using the included Python script. Before installing, consider: (1) outbound network calls expose your machine's IP to the listed feed domains (and to rsshub.app in this package) — if privacy is a concern, run it in a sandbox or local environment; (2) verify you trust the rsshub.app endpoint used for AP (it's a proxy, not the AP official domain); (3) review/update the FEEDS list if you want different sources or to remove any aggregator; (4) run the script locally once to confirm behavior and network targets. Overall the skill is low-risk and requires no secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fshp6qzzs7v9f2tyr7wmhg980n4hc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3

Comments