Skillv1.0.1

ClawScan security

newsmcp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 4, 2026, 8:38 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill is an instruction-only wrapper that calls a public news API via curl and its requirements and instructions are consistent with its stated purpose.
Guidance: This skill makes unauthenticated HTTPS requests to https://newsmcp.io and returns aggregated news. Before installing, confirm you trust that domain (review its homepage, privacy policy, and operator) and are comfortable the agent will make outbound network calls when invoked. Because no credentials or local files are accessed, there is low risk of secret exfiltration from this skill itself; however verify the service's integrity (owner, uptime, rate limits, content quality) if you rely on it for critical workflows.
Findings: [no_code_to_scan] expected: The static regex scanner had no code files to analyze; this is expected because the skill is instruction-only (SKILL.md only).

Purpose & Capability: okName/description promise (AI-clustered news briefings) matches the SKILL.md which instructs simple curl requests to a news API; the only required binary is curl which is appropriate.
Instruction Scope: okInstructions are narrowly scoped: they call https://newsmcp.io endpoints and format responses. They do not ask the agent to read local files, environment variables, or other system state, nor to transmit data to unrelated endpoints.
Install Mechanism: okNo install spec and no code files — the skill is instruction-only and does not write code to disk or install packages.
Credentials: okNo environment variables, credentials, or config paths are requested. This is proportionate for a public, unauthenticated API.
Persistence & Privilege: okSkill is not always-enabled and does not request system-level persistence or modify other skills; autonomous invocation is allowed by platform default but nothing in the skill requires elevated presence.