Skill v1.0.1

ClawScan security

Sell The News · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 6:08 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill appears to do what it claims (call a public Sell The News MCP endpoint for read-only news/tools); the included scripts call that endpoint and there's no secret access or obfuscated behavior, though a couple of minor mismatches (undeclared required binaries and an optional override env var) are worth noting.
Guidance
This skill is coherent and appears to only fetch read-only news/analysis from https://mcp.sellthenews.org/mcp (or an endpoint you set via SELL_THE_NEWS_MCP_ENDPOINT). Before installing, confirm you trust that endpoint and are comfortable allowing outbound HTTP calls. Ensure curl and python3 are available in the runtime environment (the scripts depend on them). Do not pass secrets or sensitive local data as tool arguments—the wrappers will send whatever JSON you provide to the remote MCP endpoint. If you worry about a malicious or misconfigured server, avoid setting SELL_THE_NEWS_MCP_ENDPOINT to untrusted hosts or run the skill in an environment with restricted network egress.

Review Dimensions

Purpose & Capability
note: The skill's name/description align with the code: the scripts call a Sell The News MCP endpoint to fetch news/analysis. Minor mismatch: the skill requires curl and python3 at runtime (used in scripts) but the registry metadata declared no required binaries.
Instruction Scope
ok: SKILL.md and the bundled wrappers limit activity to initializing an MCP session and calling read-only tools on the remote endpoint. The instructions do not call for reading arbitrary local files or exfiltrating unrelated data. The wrappers parse SSE-style responses and print JSON.
Install Mechanism
ok: No install step (instruction-only with shipped scripts) — nothing is downloaded or extracted at install time. The included shell and Python code is small and readable with no obfuscation or hidden endpoints beyond the documented endpoint.
Credentials
note: No required credentials are requested (Auth: none). The code does accept an optional environment override SELL_THE_NEWS_MCP_ENDPOINT to change the endpoint, but that env var was not documented in the registry metadata; ensure this is intentional. Also note that runtime requires curl and python3 even though they weren't declared as required binaries.
Persistence & Privilege
ok: always is false and the skill does not request persistent system-wide changes or modify other skills. It only performs outbound HTTP calls when invoked.