Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
AI PM Intel Brief
v0.1.0
Generate a concise daily AI product management intelligence brief by filtering and synthesizing high-signal recent social media posts into key insights and p...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, and instructions all align: the skill is meant to collect recent social-media posts and synthesize them into a brief. However, collecting posts from X/Twitter or similar services normally requires API credentials or specific scraping tools; the skill declares no required env vars or binaries. That mismatch (stated need to access external social platforms but no declared credentials/tools) is notable.
Instruction Scope
SKILL.md stays within the stated purpose: it instructs the agent to define sources, collect recent posts, filter, rank, and synthesize. It does not instruct reading local files or unrelated system state. However, it gives open-ended guidance to use 'CLI/browser scraping' when needed and to prioritize 'stable API access' without specifying which APIs or how to authenticate. This leaves the agent broad discretion over network calls and scraping behavior (which could be privacy- or policy-sensitive).
Install Mechanism
No install spec and no code files: lowest disk-impact risk. The skill is instruction-only, so nothing will be written to disk by an installer. That reduces supply-chain concerns.
Credentials
No environment variables or credentials are declared, but the workflow implicitly may require them (e.g., Twitter/X API tokens, cookies, or scraping tools that need authentication). The absence of declared required creds is a mismatch: either the skill expects the agent to have unrestricted web access and to perform scraping without auth (which can be brittle/abusive), or it will prompt the user later for credentials. Both possibilities warrant caution.
Persistence & Privilege
always is false and there are no install hooks or self-modifying instructions. The skill does not request persistent presence or system-wide configuration changes. Autonomous invocation is allowed (platform default) but not combined with other high privileges here.
What to consider before installing
This skill appears to do what it says (make concise AI PM briefs from social-media posts), but it leaves important implementation details unspecified. Before installing or enabling it:
- Ask the skill author (or check updated metadata) whether it requires API credentials (e.g., X/Twitter bearer token) or any local binaries (scrapers, browser automation). If so, only provide least-privilege credentials and prefer official APIs/SDKs.
- If you do not want the agent to scrape web pages or use your browser session, confirm whether scraping will be used and how cookies/credentials are handled. Prefer methods that use official, rate-limited APIs.
- Consider scope limits: restrict which accounts or watchlists the skill may access and whether it can run autonomously. If you want to avoid unexpected network activity, disallow autonomous invocation or require explicit user approval for each run.
- If you plan to share sensitive accounts, create a read-only API token (if available) and rotate/revoke it when no longer needed.
What would change this assessment to benign: explicit declared requirements (e.g., TWITTER_BEARER_TOKEN) and a clear statement that the skill uses official API endpoints or a vetted SDK rather than ad-hoc scraping. Conversely, if the skill later adds instructions to read arbitrary local files, access unrelated credentials, or download/extract code from external URLs, reassess as higher-risk.
Like a lobster shell, security has layers — review code before you run it.
latest vk9731e1xwgxxvbnpvgm3ghamvn82q6kw
