ClawHub

chinese technology news

v1.0.0

采集钛媒体、虎嗅、36氪、爱范儿四大中文科技媒体的最新资讯,整理成带原文链接的快讯。无需 API Key,直接抓取 RSS 源。

1· 286·1 current·1 all-time
by@ofaith
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim to fetch RSS from four Chinese tech sites and the code plus SKILL.md only reference those RSS URLs and Node; required binaries (node) match the implementation and there are no unrelated credentials or binaries requested.
Instruction Scope
SKILL.md instructs running node fetch.js inside the skill folder and the script performs only HTTPS GETs of the declared RSS feeds, parsing titles and links. It does not read other files, env vars, or send data to any third-party endpoints beyond the listed feeds.
Install Mechanism
No install spec — the skill is instruction-only with a small local JS file. Nothing is downloaded or installed from external URLs, so install risk is minimal.
Credentials
The skill requests no environment variables or credentials and the runtime code does not access any env vars; requested access is proportionate to its stated purpose.
Persistence & Privilege
always is false (default) and the skill does not modify agent/system configuration or require persistent/system-wide privileges. Autonomous invocation is allowed by platform default but is not combined with any other elevated access here.
Assessment
This skill appears to do only what it claims: fetch and parse the four RSS feeds using Node and print titles/links. Before installing, ensure the runtime environment allows outbound HTTPS to those domains (network egress), confirm you trust the listed feeds, and be aware the RSS parser is a simple regex-based implementation (may miss edge cases or unusual XML encodings). No credentials are requested and there are no external installers, so risk is low; if you require stricter guarantees, review or run the small fetch.js locally first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cnxq3pp04cy07g43g4qjnhs83kpca

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📱 Clawdis
Binsnode

Comments