seithar-intel
PassAudited by ClawScan on May 1, 2026.
Overview
The provided artifacts show a coherent instruction-only threat-intelligence skill; its feed fetching, scheduling, and memory use are disclosed and purpose-aligned, but should be configured deliberately.
Before installing, decide whether you want scheduled feed checks, immediate critical alerts, and persistent memory of your threat-intelligence interests. Keep the skill focused on defensive research, review its stored profile periodically, and be cautious with any public PoC material it finds.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may retrieve security advisories, vulnerability writeups, and public exploit references for analysis.
The skill relies on external web fetching and can locate public exploit/PoC material. This is expected for threat-intelligence research, but it is a dual-use capability.
Fetch RSS feeds from the configured source list using the `web_fetch` tool ... Discovers public proof-of-concept code for disclosed vulnerabilities
Use PoC lookup for defensive research only, and do not ask the agent to run exploit code unless you are in an authorized lab environment.
Your stated security interests and the evolving feed summary may be reused in later briefings, and low-quality or misleading feed content could affect future summaries.
The skill persists user interests and feed-derived summaries that influence future scoring and briefings.
The skill stores this profile in memory and uses it to score every feed item for relevance ... Maintains a running threat landscape summary that evolves with the feed
Review the stored profile and summaries periodically, and clear or correct memory if the briefings become inaccurate or contain unwanted personal preferences.
The agent may periodically fetch feeds and send briefings or critical alerts without a new manual prompt each time.
The skill is designed for recurring background checks and push-style alerts. This is disclosed and configurable, but it means the agent can act on a schedule.
Default: every 2 hours. The skill uses OpenClaw's cron/heartbeat system to periodically fetch and process feeds.
Set the schedule and critical-alert threshold explicitly, and disable scheduled briefings if you only want on-demand use.
You have limited external information about who maintains the skill or where to review its full project history.
The registry information does not provide a source repository or homepage for provenance review. Because this is instruction-only with no code or install spec, this remains a low-level provenance note.
Source: unknown; Homepage: none
Install only if you trust the registry entry and the visible instructions; prefer skills with clear maintainers and source links for higher-trust environments.