Brand Monitoring
v0.1.0Brand monitoring tool for tracking mentions across social media platforms. Monitor Reddit, Google News, YouTube, and DuckDuckGo for brand mentions. Includes...
⭐ 0· 97·0 current·0 all-time
byHenk Nie@phheng
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (brand monitoring across Reddit, Google News, YouTube, DuckDuckGo) match the provided code: scrapers.py implements scrapers for those services and monitor.py contains analysis/demo logic. Minor note: SKILL.md suggests an npx install from an external nexscope-ai package, but the bundle contains the Python scripts needed to run locally — this is coherent but could be confusing.
Instruction Scope
SKILL.md instructs running scripts/monitor.py with brand parameters. The code operates in demo/simulated mode (get_demo_mentions) and the network call sections in scrapers.py are commented out or only prepare requests without performing urlopen. There are no instructions to read unrelated system files or environment variables. Caveat: monitor.py was truncated in the provided content, so I cannot confirm the omitted sections contain no unexpected behavior.
Install Mechanism
The skill has no install spec (instruction-only), so nothing will be written to disk by an installer. However, SKILL.md includes an npx command that would fetch a package from an external registry if a user chose to run it — that external install is not part of the provided bundle and should be treated separately.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The functionality shown (demo scraping and local analysis) does not require credentials in its current form. Comments indicate production use might require API keys for services like Twitter/YouTube; those are not requested here.
Persistence & Privilege
The skill is not always-enabled and uses normal, user-invoked CLI behavior. It does not attempt to modify other skills or system-wide settings in the provided files.
Assessment
This package appears to be a local/demo brand-monitoring tool and is internally consistent with its description: it does not request secrets and the network requests in scrapers.py are currently disabled or only prepared. Before installing or running: 1) review the omitted portion of monitor.py (the file was truncated in the bundle) to confirm there are no hidden network calls or data exfiltration paths; 2) if you plan to enable production scraping, be aware that uncommenting or adding live HTTP requests will cause network traffic to third-party sites and may require API keys and compliance with those services' terms; 3) avoid running any npx installation command referenced in SKILL.md unless you trust the external package source (that command would fetch code not included in this bundle); and 4) consider running the scripts in a sandboxed environment first to observe network behavior and outputs.Like a lobster shell, security has layers — review code before you run it.
latestvk9750raametabz8j7j7yz842js839s1g
License
MIT-0
Free to use, modify, and redistribute. No attribution required.