v0.1.5

Newsletter Curation

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:31 AM.

Analysis

This looks like a coherent newsletter-writing aid, but it relies on a third-party CLI, login, and external search/image services you should trust before use.

Guidance: Before installing, make sure you trust inference.sh, verify the CLI installer/checksums if possible, log in only with an appropriate account, and avoid putting sensitive private information into external search queries.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Note
SKILL.md
curl -fsSL https://cli.inference.sh | sh && infsh login

The skill tells the user to run an installer fetched from the internet. This is disclosed and related to the stated inference.sh workflow, but the installer itself is outside the provided artifact set.

User impact: Installing the CLI would execute third-party installer code on the user's machine.
Recommendation: Install only if you trust inference.sh; prefer the documented manual install/checksum verification path before running the CLI.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
allowed-tools: Bash(infsh *)

The skill permits Bash calls matching any infsh command, while the visible examples use specific content-sourcing and image-generation apps. The wildcard is broader than the examples but still tied to the stated CLI-based workflow.

User impact: The agent may use the infsh CLI to perform external app runs, not just provide writing advice.
Recommendation: Keep usage limited to the newsletter-related infsh commands you expect, and review any proposed command before allowing it if your environment prompts for approval.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
&& infsh login

The setup flow includes logging in to the inference.sh CLI, meaning an external account or authenticated session is involved even though the registry metadata lists no primary credential.

User impact: Using the skill may require actions under the user's inference.sh account.
Recommendation: Use an account you are comfortable connecting to this workflow and avoid sharing credentials directly in prompts.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
infsh app run tavily/search-assistant --input '{ "query": "[your niche] news this week latest developments" }'

The skill sends content-sourcing queries through infsh to external search apps such as Tavily and Exa. This is expected for newsletter sourcing, but the artifact does not describe provider-side data handling.

User impact: Newsletter topics, niches, or search queries may be sent to external services.
Recommendation: Do not include confidential business plans, private subscriber data, or unpublished sensitive material in external search queries.