Daily News Portal (Prasowka)

Review

Audited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (base64-block); human review is required before treating this skill as clean.

This skill looks reasonable for generating a daily HTML news portal. Before installing or running it, be aware that it will fetch many public web sources, run local Python/shell scripts, and keep local state such as seen URLs and browser bookmarks. Review or remove the undeclared 'prasowka-guardian' step and hardcoded /Users/nerucb1 helper paths if you plan to use the helper scripts. ClawScan detected prompt-injection indicators (base64-block), so this skill requires review even though the model response was benign.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may run bundled scripts, contact public news sites, and write output files when you invoke the skill.

Why it was flagged

The skill explicitly uses command execution, web search/fetch, and file writing. These are sensitive capabilities, but they are consistent with fetching news and generating an HTML file.

Skill content
tools:
  - exec
  - web_search
  - web_fetch
  - write
Recommendation

Use it in a normal workspace and review generated output; do not grant extra permissions beyond what is needed for public web fetching and writing the portal file.

What this means

A malicious or manipulative webpage could affect how an article is summarized or displayed in the generated portal.

Why it was flagged

Fetched article text from arbitrary websites is passed to the model for summarization, so hostile article content could try to influence the generated summary.

Skill content
content = web_fetch(url, extract_text=True) ... summary = llm_summarize(content[:3000])
Recommendation

Treat fetched article content strictly as untrusted data and review summaries before relying on them.

What this means

If followed literally, the agent might fail or run an unrelated local command with that name if one exists on the path.

Why it was flagged

The skill references a validation command that is not listed in the provided manifest or requirements, creating a small provenance and portability gap if an agent tries to execute it.

Skill content
- Run prasowka-guardian validation
Recommendation

Confirm what 'prasowka-guardian' is before running it, or remove/replace that step with a reviewed validation command.

What this means

This could fail on other machines or write logs/output in an unexpected local account path if executed as-is.

Why it was flagged

A helper script contains hardcoded developer-local paths instead of deriving paths from the current user or workspace.

Skill content
export HOME=/Users/nerucb1 ... exec /bin/bash /Users/nerucb1/.openclaw/workspace/skills/prasowka/run.sh
Recommendation

Prefer running run.sh directly, or edit helper scripts to use $HOME and the installed skill directory.

What this means

Your browser may retain article read/bookmark state for this portal until local storage is cleared.

Why it was flagged

The generated portal stores read/bookmark state in browser localStorage. This is local and purpose-aligned, but it is persistent state.

Skill content
readArticles: JSON.parse(localStorage.getItem('prasowka-read') || '[]'),
bookmarks: JSON.parse(localStorage.getItem('prasowka-bookmarks') || '[]')
Recommendation

Clear site/browser storage if you do not want this state retained.

What this means

If you wire this script into cron/launchd yourself, it will periodically fetch news and write files/logs.

Why it was flagged

The repository includes a monitor script that can generate the daily portal when the file is missing. No scheduler or auto-install mechanism is shown.

Skill content
if [ ! -f "$FILE" ]; then ... cd "$HOME/.openclaw/workspace/skills/prasowka" && bash run.sh
Recommendation

Only schedule the monitor if you want recurring generation, and keep logs/output locations under your own workspace.