03 Tech Scout
PassAudited by ClawScan on May 14, 2026.
Overview
This instruction-only skill is coherent for a daily research digest, but users should notice its scheduled web scanning, API-token use, external project-keyword searches, and local state files.
This skill appears suitable if you want an automated daily research digest. Before enabling it, confirm whether your agent will actually run it on a schedule, use restricted API keys, avoid confidential project names in search keywords, and review suggested actions before acting on external links or repositories.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the host honors this instruction, the agent may perform web/API searches and write digest files each morning without a fresh manual prompt.
The skill asks the agent to operate on a recurring schedule. This is disclosed and aligned with a daily digest, but it is still autonomous activity users should explicitly want.
**Automated:** Run at 06:00-07:00 local time daily, before your morning briefing session.
Enable this only if you want recurring scans; otherwise configure it as manual-only or require confirmation before each run.
API keys or bearer tokens could consume quota or expose account access if overly broad or mishandled.
The skill may require service credentials for the stated data sources. This is purpose-aligned, but credentials should be scoped and protected.
**APIs typically needed:** - X (Twitter) Bearer Token - Google API key (for YouTube search)
Use least-privilege, read-only, restricted API keys where possible, and do not provide unrelated account credentials.
Confidential project names, strategies, or interests could be revealed to search/API providers if included in keyword targets.
The skill sends user-configured project domains or keyword clusters to external platforms and a real-time LLM/search provider. This is expected for the digest, but it creates a data-boundary consideration.
Search last 24 hours for each keyword cluster ... Web Search (via real-time LLM) ... "What new [domain] tools or updates were announced in the last 48 hours?"
Use generic keywords for sensitive work, avoid client-secret or proprietary names in searches, and review provider privacy settings.
Future briefings may repeat stale, low-quality, or manipulative web content if it is written into the digest.
The skill persists internet-derived links and digest content, then reuses that content in morning briefings. This is useful for deduplication and briefing integration, but the stored content originates from untrusted public sources.
Maintain `state/tech_scout_seen_urls.txt` — append every surfaced URL ... Read `state/tech_scout_digest_YYYY-MM-DD.md`
Treat links and suggested actions as recommendations, not verified instructions; review important items before installing tools, running code, or acting on trading/technical advice.