ClawHub
Back to skill
v1.0.4

ai-news-pipeline-new

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:18 AM.

Analysis

The skill coherently implements a disclosed RSS-to-report workflow, with expected local file writes, optional API credential use, and dependency installation that users should review.

GuidanceBefore installing, use a virtual environment for dependencies, provide only trusted RSS sources and model endpoints, keep API keys scoped, and review generated Excel/Word reports before sharing or relying on them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
scripts/requirements.txt
openpyxl
python-docx

The dependency file lists packages without version pins; SKILL.md instructs installing dependencies from this file before first use, so package resolution depends on the user's package index and environment.

User impactInstalling may add or upgrade Python packages in the selected environment.
RecommendationInstall in a virtual environment and pin or verify package versions if reproducibility or supply-chain control matters.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
scripts/generate_international_report.py
ARK_API_KEY = os.getenv("ARK_API_KEY", "").strip() ... "Authorization": f"Bearer {ARK_API_KEY}"

The script reads a user-provided model API key and sends it as a bearer token to the configured ARK model endpoint. This is expected for AI summary generation and no hardcoded or unrelated credential use is shown.

User impactIf AI generation is enabled, the model API key can authorize calls and may incur account usage or cost.
RecommendationUse a scoped API key where possible, confirm the model endpoint is trusted, and use --disable-ai when model calls are not needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
reading user-configured RSS / Atom feeds ... calling a user-configured Volcengine model endpoint ... store raw and incremental collected news data; persist deduplication state

The workflow stores retrieved feed content and uses it as model context for generated summaries and scores. This is disclosed and purpose-aligned, but report quality depends on the trustworthiness of configured feeds.

User impactManipulated or low-quality feed items could affect generated titles, summaries, impact scores, and saved reports.
RecommendationUse trusted RSS sources, review generated reports before relying on them, and manage retention of workspace data if feeds contain non-public content.