Skill v1.0.2

ClawScan security

news-aggregator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 15, 2026, 5:18 AM
Verdict: Benign
Confidence: medium
Model: gpt-5-mini
Summary
The skill's requests and runtime instructions are consistent with a news-aggregation tool, but the package has minor metadata inconsistencies and relies on a third‑party API (SkillBoss) of unknown trustworthiness — verify before giving an API key.
Guidance
This skill appears to do what it says: it sends search queries and content to the SkillBoss API and formats summaries. Before installing:
1) Verify the legitimacy and privacy policy of SkillBoss (api.skillboss.co), since your SKILLBOSS_API_KEY will be sent there; prefer a scoped/limited key if possible.
2) Confirm the skill's canonical source/homepage (the registry shows none and the README has a placeholder GitHub URL).
3) Note the minor version mismatch in the metadata and ask the publisher to clarify.
4) If you are concerned about automatic network calls, disable autonomous invocation or only call the skill manually.
If you cannot verify SkillBoss or the publisher, treat this as higher risk and avoid providing a long-lived, broad API key.

Review Dimensions

Purpose & Capability
ok: Name/description (news aggregation) match the declared requirement: a single SKILLBOSS_API_KEY to call the SkillBoss search/chat API. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
note: SKILL.md contains precise instructions to call the SkillBoss /v1/pilot endpoint for search and then for chat summarization; it does not instruct reading local files or other env vars. It concatenates search results into an LLM prompt and sends them to SkillBoss — this is expected for the described workflow but means search result contents (and any sensitive text inadvertently included) will be transmitted to SkillBoss. Also note a minor metadata mismatch: registry version 1.0.2 vs SKILL.md version 1.0.3, and the README contains a placeholder GitHub clone URL (YOUR_USERNAME).
Install Mechanism
ok: Instruction-only skill with no install spec and no code files, which is the lowest install risk. Nothing is downloaded or written to disk by the skill itself.
Credentials
note: Only one environment variable is required (SKILLBOSS_API_KEY), which is proportionate if the skill delegates search/LLM work to SkillBoss. Because the service endpoint is external (api.skillboss.co) and the registry lists no homepage, you should confirm SkillBoss is a trusted provider and that the key's permissions and billing scope are acceptable.
Persistence & Privilege
ok: The always flag is false and the skill is user-invocable; it does not request persistent system privileges or modify other skills. The agent may invoke it autonomously (platform default), which is normal, but consider limiting autonomous use if you distrust the external API.
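The checks the review above reports (registry vs SKILL.md version, a placeholder repository URL, which external hosts the instructions call and which declared credentials can flow there, env vars used but not declared, and the always flag) can be run mechanically before installing. The script below is an added example, not ClawScan's or the skill's own code. It assumes a SKILL.md with a '---' front matter block carrying version, always and env fields, which is an assumption about the skill format rather than a documented schema, and the sample SKILL.md and README are constructed to resemble what the review describes.

```python
import re

# Constructed sample inputs, not the real skill's files: a SKILL.md with a
# '---' front matter block and a README, shaped like the review describes
# them. The field names (version, always, env) are assumptions about the
# skill format, not a documented ClawHub schema.
SAMPLE_SKILL_MD = """---
name: news-aggregator
version: 1.0.3
always: false
env:
  - SKILLBOSS_API_KEY
---
Send the user's query to https://api.skillboss.co/v1/pilot with the
SKILLBOSS_API_KEY header, then send the concatenated results back to the
same endpoint for summarization.
"""

SAMPLE_README = """# news-aggregator
git clone https://github.com/YOUR_USERNAME/news-aggregator.git
"""

REGISTRY_VERSION = "1.0.2"  # what the registry listing shows (assumed input)

PLACEHOLDER_RE = re.compile(r"YOUR_USERNAME|<your[-_ ]?\w+>|example\.com", re.I)
HOST_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")
# Shell-style names containing an underscore (e.g. SKILLBOSS_API_KEY), so
# ordinary capitalised words in the prose are not mistaken for env vars.
ENV_RE = re.compile(r"\b[A-Z][A-Z0-9]*_[A-Z0-9_]+\b")


def parse_front_matter(text):
    """Split a minimal '---' front matter into (meta dict, body).

    Handles 'key: value' scalars and 'key:' followed by '  - item' lists;
    anything more elaborate is out of scope for this check.
    """
    m = re.match(r"^---\n(.*?)\n---\n(.*)$", text, re.S)
    if not m:
        return {}, text
    meta, key = {}, None
    for line in m.group(1).splitlines():
        if line.startswith("  - ") and key is not None:
            meta.setdefault(key, []).append(line[4:].strip())
        elif ":" in line:
            key, _, val = line.partition(":")
            key = key.strip()
            meta[key] = val.strip() or []
    return meta, m.group(2)


def review_skill(skill_md, readme, registry_version):
    """Run the static metadata and scope checks described in the review.

    Returns a list of (code, message) pairs; an empty list means no check
    fired. This inspects the package only and says nothing about whether
    the remote service itself is trustworthy.
    """
    meta, body = parse_front_matter(skill_md)
    declared_env = set(meta.get("env", []))
    findings = []

    # The version in the package must match what the registry advertises.
    if meta.get("version") != registry_version:
        findings.append(("version-mismatch",
                         f"registry {registry_version} vs SKILL.md {meta.get('version')}"))

    # A placeholder clone URL means the canonical source cannot be confirmed.
    if PLACEHOLDER_RE.search(readme):
        findings.append(("placeholder-url",
                         "README points at a placeholder, not a real repository"))

    # Every external host the instructions call is a place the declared key
    # (and any text placed in the prompt) may be sent; list each for vetting.
    creds = ", ".join(sorted(declared_env)) or "no declared credentials"
    for host in sorted(set(HOST_RE.findall(body))):
        findings.append(("external-host", f"{host} receives {creds}"))

    # Env vars the instructions use but the package never declared up front.
    for name in sorted(set(ENV_RE.findall(body)) - declared_env):
        findings.append(("undeclared-env", f"{name} is referenced but not declared"))

    # always: true would load the skill into every session instead of on request.
    if str(meta.get("always", "false")).lower() == "true":
        findings.append(("always-true", "skill is loaded unconditionally"))

    return findings


if __name__ == "__main__":
    for code, msg in review_skill(SAMPLE_SKILL_MD, SAMPLE_README, REGISTRY_VERSION):
        print(f"{code}: {msg}")
```

On the constructed sample this reports the same three things the review does: the 1.0.2 vs 1.0.3 mismatch, the YOUR_USERNAME placeholder, and api.skillboss.co as the host that will receive SKILLBOSS_API_KEY. The external-host finding is informational by design: whether that host should get the key is the judgement the guidance above asks you to make, not something a static check can settle.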