Skill v0.1.8
ClawScan security
.Publish Temp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 1, 2026, 5:28 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only helper for installing and running the news-fetcher CLI; its instructions, requirements, and actions are coherent with its stated purpose and do not request unrelated credentials or privileges.
- Guidance: This skill is instruction-only and appears coherent, but take normal precautions before following the install steps: (1) pip installing from a git+ URL executes code on your machine; use a virtualenv (as the instructions show) and avoid installing as root; (2) review the referenced GitHub repo (miniade/news-fetcher@v0.1.8) to ensure you trust it and to inspect any install/run scripts; (3) be aware the tool fetches and scrapes remote sites (RSS/HTML/GitHub Trending) so it needs network access and should be run with appropriate rate limits and privacy considerations; (4) if you need stronger assurance, run the package in an isolated sandbox or container and inspect its behavior before giving it regular use.
Review Dimensions
- Purpose & Capability (ok): Name/description match the SKILL.md: it instructs how to install, configure, validate, and run the news-fetcher Python CLI. Nothing in the skill asks for unrelated credentials, binaries, or system-wide config.
- Instruction Scope (ok): SKILL.md limits actions to creating/validating a config, running the CLI, and piping output formats. It does not instruct the agent to read unrelated files, access secrets, or transmit data to unexpected endpoints. It does recommend scraping/public pages (e.g., GitHub Trending), which is expected for the skill's purpose.
- Install Mechanism (note): There is no install spec (instruction-only), which reduces risk. The instructions recommend pip installing from a GitHub repository (git+https://github.com/miniade/news-fetcher.git@v0.1.8), a standard but inherently privileged operation because package installation runs code on your machine; this is expected for a Python CLI but worth user caution.
- Credentials (ok): The skill declares no required env vars, credentials, or config paths. The operations described (network fetches, local config files) align with that. No suspicious environment access is requested.
- Persistence & Privilege (ok): "always" is false and the skill is user-invocable. There is no install-time behavior or persistent privileges requested by the skill itself (it's instruction-only).
