News Fetcher (by luogao)

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-aligned for fetching public news and archives, with documented external service use and a small local preference file.

This looks safe for its intended use: fetching and summarizing public news. Before installing, be aware that optional Tavily searches use your Tavily API key, external archive/search services may receive the URLs or search terms you request, and news preferences are saved in CONFIG/news-preferences.md.

VirusTotal

65/65 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
Low
What this means

If configured, the Tavily API key will be used for news searches and sent to Tavily as an authorization token.

Why it was flagged

The script uses an optional Tavily credential to authenticate to Tavily's search API, which is expected for the advertised alternative-source search feature.

Skill content
const TAVILY_API_KEY = process.env.TAVILY_API_KEY; ... 'Authorization': `Bearer ${TAVILY_API_KEY}`
Recommendation

Set TAVILY_API_KEY only if you want Tavily search enabled, and use a key with normal service-level limits rather than a broadly privileged credential.

ASI07: Insecure Inter-Agent Communication
Low
What this means

News URLs and search terms may be visible to external services such as Tavily, archive.today, Wayback Machine, or r.jina.ai.

Why it was flagged

The skill intentionally sends article URLs or search queries to third-party archive/search services as part of its core workflow.

Skill content
archive.today / Wayback Machine ... Use the Tavily API to search for free coverage of the same event
Recommendation

Use the skill for public news links and avoid giving it private, intranet, or sensitive URLs unless you are comfortable sharing them with those services.

ASI06: Memory and Context Poisoning
Info
What this means

Stored preferences can influence future news results, and anyone who can modify that workspace file could steer what sources or categories are used.

Why it was flagged

The skill persists user news preferences in a workspace file and reads them later to guide news selection.

Skill content
Check the configuration file `CONFIG/news-preferences.md` ... Save preferences → write to `CONFIG/news-preferences.md`
Recommendation

Review or edit CONFIG/news-preferences.md if results seem unexpected, and avoid storing sensitive personal details in the preference file.