ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Morning Briefing Generator

v1.0.0

Generates a personalized morning briefing with weather, calendar events, urgent emails, trending topics, health data, news, and priorities to save time.

0· 586·0 current·0 all-time
by@michael-laffin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (aggregating weather, calendar, email, tasks, health, news and delivering via messaging) legitimately requires many third‑party integrations and credentials. However, the registry metadata declares no required environment variables, primary credential, or config paths — which is inconsistent with the integrations described in SKILL.md.
!
Instruction Scope
SKILL.md explicitly instructs the agent to access OAuth calendars and email, read/write user preferences in TOOLS.md or HEARTBEAT.md, check a .env bot token, create cron jobs, and deliver messages to external services (Telegram/WhatsApp/Slack/email). Those steps require access to local files and many credentials but the skill does not declare or limit that access in metadata; instructions also include team briefings (accessing multiple people's calendars) which widens scope.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code. That lowers installation risk because nothing is downloaded or written by a packaged installer. The risk arises from the runtime instructions rather than an installer.
!
Credentials
SKILL.md references many secrets and tokens (Google/Apple/Outlook OAuth for calendars, Gmail OAuth, Telegram bot token in .env, OpenWeatherMap API key, Oura health token, Asana/Todoist/Notion/Linear/GitHub tokens). Yet the registry lists no required env vars or primary credential. This mismatch suggests either metadata omission or the skill will ask the agent/user to supply sensitive tokens at runtime — both merit caution.
Persistence & Privilege
The skill is not always-enabled (always: false). It suggests creating cron jobs and sending automated messages (Telegram), which is a normal capability for an automation skill, but the potential to send data externally combined with the large set of integrations increases blast radius if credentials are misused. No evidence it requests persistent system-wide privileges beyond cron and editing user config files.
What to consider before installing
Before installing, get clarity from the publisher about exactly which credentials and files the skill will access and how they are stored. Specific checks: (1) Ask for a concrete list of required env variables (Telegram bot token, Google OAuth client/refresh tokens, Gmail OAuth, OpenWeatherMap key, Oura token, Asana/Todoist tokens, etc.). (2) Confirm whether the skill will read or write TOOLS.md, HEARTBEAT.md, or .env and what contents it will change — avoid storing secrets in plain .env files if possible. (3) Prefer OAuth flows that store refresh tokens securely and limit scopes to least privilege (read-only calendar and email filters). (4) For delivery channels (Telegram/WhatsApp/Slack), verify the destination is under your control and that messages do not leak other users' private data. (5) Test first with a throwaway account and minimal permissions. (6) If the publisher cannot provide a clear list of required credentials and a privacy design, treat the metadata omission as a red flag and avoid installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk977wz383148kr3j4fq2n9g2d1814cps

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments