Community Intel

v1.1.0

Automated community intelligence gathering for any open-source project or product. Searches Reddit, Hacker News, Twitter/X, GitHub, and YouTube for mentions,...

⭐ 0· 337·0 current·0 all-time

by@npfaerber

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name and description match the SKILL.md. Requested tools (web_search, web_fetch) and optional outputs (Discord, email) are appropriate for an automated community intelligence task; no unrelated binaries, env vars, or installs are requested.

ℹ

Instruction Scope

Instructions are specific about searching platforms, reading full threads, following links, and appending to a cumulative intel file. This is consistent with the stated purpose, but the 'go deep — read full threads, follow links' guidance gives the agent broad discretion to fetch arbitrary external URLs and crawl linked content, which could surface private or sensitive content if reachable and could increase exposure when report outputs are configured.

✓

Install Mechanism

No install spec and no code files — lowest-risk model. The skill is instruction-only and does not write or execute code on install.

✓

Credentials

The skill declares no required environment variables, no primary credential, and no config paths. Optional integrations (Discord, email) are user-configured and would require their own credentials if used; the SKILL.md does not demand those secrets itself.

✓

Persistence & Privilege

always is false and user-invocable is true (normal). The skill reads/writes a specified INTEL_FILE in workspace memory; scheduling via cron is an explicit user action. It does not request persistent elevated privileges or modify other skills' configs.

Assessment

This skill appears coherent and appropriate for monitoring open-source projects. Before enabling it (especially as a scheduled cron job): - Confirm which web_fetch/web_search implementations the agent will use and what network access they have (to avoid unexpected access to internal systems). - Decide whether you want the optional outputs (Discord channel or email). If you enable them, supply only credentials you control and verify where messages will be posted to avoid accidental data exposure. - Review and set INTEL_FILE to a safe workspace path; the agent will read and append to that file each run, which may accumulate sensitive findings. - Be aware the agent is instructed to 'follow links' and read full threads — it may fetch arbitrary external pages. If you need limits (rate, domains, depth), add explicit constraints to the SKILL.md or cron message before running. If you want higher assurance, ask the skill author (or maintainer) to: 1) document which web tools are expected to be used, 2) add explicit allowed/blocked domains and crawl depth limits, and 3) show examples of the report output and any PII-handling rules.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cfeaz8rw122k44zyq14vxax820bx7

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Community Intel

License

Comments