Tech Scout

Pass

Audited by ClawScan on May 13, 2026.

Overview

Tech Scout is a coherent instruction-only daily research digest, but users should control its recurring web/API searches, provider credentials, and saved digest state.

Install only if you want a recurring research digest. Before using it, choose non-sensitive keyword clusters, provide only scoped provider credentials, and periodically review or clear the local state and digest files.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

You may need to provide API keys or bearer tokens, which could expose account access or incur usage if mishandled.

Why it was flagged

The skill expects provider credentials for its social/video search integrations. This is aligned with the digest purpose, but those credentials may carry account access or quota authority.

Skill content

**APIs typically needed:**
- X (Twitter) Bearer Token
- Google API key (for YouTube search)

Recommendation

Use least-privileged/read-only keys where possible, store them in a secure credential mechanism, and revoke them if you stop using the skill.

What this means

Confidential project names or strategies used as search keywords could be disclosed to third-party services.

Why it was flagged

The skill sends user-defined project/domain keywords to multiple external services. The destinations are disclosed and purpose-aligned, but the queries may reveal private project interests.

Skill content

Search last 24 hours for each keyword cluster ... YouTube ... Reddit ... GitHub ... Web Search (via real-time LLM)

Recommendation

Configure broad, non-confidential keyword clusters and avoid using secret project names, client names, or unreleased product details in searches.

What this means

Saved URLs and digest files could expose what topics you are tracking, and stale or manipulated state could affect future digest results.

Why it was flagged

The skill keeps persistent local state that influences future deduplication and may reveal the user's research interests.

Skill content

Maintain `state/tech_scout_seen_urls.txt` — append every surfaced URL. Before including any item, check against this file.

Recommendation

Keep the state directory in an expected local location, review or clear it periodically, and do not treat saved web-derived items as trusted instructions.

What this means

The agent may perform recurring searches and create digest files without a manual prompt each time, consuming API quotas and updating local state.

Why it was flagged

The skill requests recurring autonomous operation. This is central to the daily digest purpose and no background code is provided, but the user should explicitly want that schedule.

Skill content

**Automated:** Run at 06:00-07:00 local time daily, before your morning briefing session.

Recommendation

Enable the daily workflow only if desired, set clear keyword scope, and disable or pause the routine when it is no longer useful.