ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ai-news-pipeline-new

v1.0.4

Run a self-contained Chinese and international AI news workflow inside the current workspace. Use when the user wants either high-frequency RSS capture only...

0· 178·1 current·1 all-time
byNighmat@nighmat1220
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The code matches the stated purpose: collecting RSS feeds, producing cumulative Excel files and a Word brief, and calling a user-configured Volcengine model for AI summaries/scores. However, the registry metadata declares no required environment variables while the runtime (SKILL.md and code) expects ARK_API_KEY (and optionally ARK_MODEL / ARK_API_BASE). That mismatch (declared required envs: none vs. actual runtime requirement for ARK_API_KEY) is an incoherence the user should note.
Instruction Scope
SKILL.md instructs running bundled Python scripts against a workspace and lists the expected workspace files. The scripts only read workspace files/config (sources.json, international_sources.json, companies.txt, data/, state/) and write local reports and state. They also make network calls: (1) to user-provided RSS/Atom URLs and (2) to the model endpoint (ARK_API_BASE). The behavior is within the advertised workflow, but the agent will send feed content (title, content, links, timestamps) to the configured model endpoint — this is expected but important (possible data leakage of captured content).
Install Mechanism
No automated install spec is present; the SKILL.md instructs manual pip install of requirements.txt (openpyxl, python-docx). This is a low-to-moderate-risk, expected install approach for a Python script bundle and is proportionate to the reported functionality.
!
Credentials
The code uses ARK_API_KEY (and accepts ARK_MODEL, ARK_API_BASE, ARK_TIMEOUT_SECONDS, and AI_NEWS_WORKSPACE) at runtime. ARK_API_KEY is required for AI enrichment paths and is not declared in the skill metadata. Because AI calls transmit full news text and metadata to the model provider, the credential grants the model provider access to all content sent — the user should consider whether that is acceptable. The skill also supports RSS basic auth credentials inside the sources JSON (username/password). The number and sensitivity of credentials are reasonable for the functionality, but the omission from declared requirements and the potential for sending captured text externally are notable concerns.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system settings, and only writes files within the provided workspace (data/, reports/, state/, snapshots/, logs/). That level of persistence is coherent with its purpose.
What to consider before installing
Before installing or running: 1) Be aware this bundle will read RSS feeds you configure and send the feed text (title, content, link, timestamp) to the configured model endpoint (default ARK_API_BASE pointing at Volcengine). If you supply ARK_API_KEY, the provider will receive that content — avoid sending private or sensitive data. 2) The registry metadata omitted ARK_API_KEY (and related ARK_* env vars); set these intentionally and only for trusted endpoints. 3) Inspect your config/sources.json and international_sources.json for any feed credentials — those are used directly. 4) Run in an isolated workspace (empty directory) if you want to avoid accidental inclusion of unrelated files. 5) If you do not trust the model provider or want no external calls, run with --disable-ai or only use capture-only mode. 6) Review the included scripts yourself before pip installing dependencies and running them; the code uses only standard urllib urlopen for network calls and writes to workspace directories, but will transmit feed content to the model endpoint when AI is enabled.

Like a lobster shell, security has layers — review code before you run it.

aivk972jnr9ztkdpzr1fpw344y33s832k7hbriefingvk9703wpm6bypwjmg1mq0276nj582yrzycollectionvk9741rn2nqjx479emx37th3j9x832jthcrawlvk9741rn2nqjx479emx37th3j9x832jthcrawlervk9703wpm6bypwjmg1mq0276nj582yrzyexcelvk9703wpm6bypwjmg1mq0276nj582yrzyindustry newsvk9741rn2nqjx479emx37th3j9x832jthlatestvk972zh306n3jhd1xc88n759fks832yb1newsvk972jnr9ztkdpzr1fpw344y33s832k7hrssvk9703wpm6bypwjmg1mq0276nj582yrzywordvk9703wpm6bypwjmg1mq0276nj582yrzy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments