AI Frontier Monitor

Pass

Audited by VirusTotal on May 9, 2026.

Overview

Type: OpenClaw Skill
Name: ai-frontier-monitor
Version: 3.0.3

The 'ai-frontier-monitor' skill bundle is a professional news aggregation and intelligence tool designed to collect, score, and summarize AI industry updates. It fetches data from reputable sources including official corporate blogs (OpenAI, Microsoft, AWS), academic repositories (arXiv), developer platforms (GitHub Trending), and regional news (36Kr). The implementation consists of well-documented Python and Bash scripts (e.g., rss-crawler.py, generate-briefing.py) that handle data processing and formatting without any signs of malicious intent, data exfiltration, or unauthorized system access. The workflow is transparent, using standard tools like curl and feedparser to deliver briefings via Feishu or local Markdown files.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill is not shown to be malicious, but its origin and dependency setup are not fully described in registry metadata.

Why it was flagged

The skill includes runnable scripts but has no homepage/source provenance or install specification, so users should review the included code and dependency expectations before running it.

Skill content

Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill. Code file presence: 4 code file(s)

Recommendation

Review the bundled scripts and ensure Python, feedparser, bash, and curl are available before use.

What this means

Using the skill can run local Python/bash code and make network requests as part of collecting briefing data.

Why it was flagged

The briefing generator runs bundled shell scripts for arXiv/GitHub fetching. The visible code uses fixed script paths and no shell=True, making this purpose-aligned local execution rather than suspicious execution.

Skill content

subprocess.run(['bash', str(script_path)] + list(args), capture_output=True, text=True, timeout=timeout)

Recommendation

Use it only if you are comfortable running the bundled scripts; keep the scripts scoped to the skill directory and avoid passing untrusted custom arguments.

What this means

Briefings may be sent outside the current chat to a Feishu user or workspace if that delivery path is used.

Why it was flagged

The skill can send the generated briefing through an external messaging channel. This is disclosed and purpose-aligned, but users should confirm the Feishu recipient and workspace.

Skill content

**Push to Feishu** — Send to Feishu via the `message` tool (channel: feishu, to: user ID)

Recommendation

Configure and verify the Feishu user ID before enabling push delivery, and avoid including private material in briefing inputs unless intended.

What this means

The skill leaves local briefing archives and source-state files under its data directory.

Why it was flagged

The skill persists fetched candidates, generated briefings, and RSS state locally. This is expected for archiving and deduplication, but retained external content could influence future briefings.

Skill content

All runtime data is stored under `{baseDir}/data/` ... candidates ... briefings ... rss-state.json

Recommendation

Periodically review or clear `{baseDir}/data/` if you do not want historical briefing data retained.