Skill v1.0.0

ClawScan security

ai-news-collector · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 14, 2026, 5:02 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only AI news-aggregation skill whose requested actions, resources, and outputs are consistent with its stated purpose (collecting and ranking AI news); it does not request credentials or install software, but it assumes network fetching capabilities that you should confirm are available and acceptable.
Guidance
This skill appears to do what it says: perform many targeted web searches, fetch full articles, and synthesize ranked AI news. Before installing, confirm that your agent environment provides a safe/approved web-fetch capability (the SKILL.md expects a 'web_fetch' tool), and consider the following: (1) scraping community sites and social feeds may hit rate limits or violate site ToS — using official APIs (which require keys) could be preferable; (2) the skill will retrieve and send external web content to the model at runtime, so be aware of potential privacy or content-handling concerns and any sensitive data that may appear in fetched pages; (3) it may perform many outbound requests (8–12+ per run), which can incur network costs or rate-limit issues; (4) the skill marks paywalled items as '需订阅' but does not instruct bypassing paywalls — ensure you are comfortable with how paywalled content will be handled. If you want stronger guarantees, request that the skill declare required tools (web_fetch or specific API integrations) or switch to authenticated APIs for social platforms to improve reliability and compliance.

Review Dimensions

Purpose & Capability
ok: Name and description match the instructions: the skill is a news collector that performs multi-dimensional web searches, cross-checks, scores, deduplicates and outputs ranked summaries in Chinese. It does not request credentials, binaries, or installs, which is proportionate for a scraper/aggregator.
Instruction Scope
note: Instructions are detailed and stay within news-collection scope (search, fetch full text, cross-check, dedupe, rate/score, produce 15–25 ranked items). They explicitly require many searches (8–12) and fetching full articles (including community sites and social media). They do not instruct reading local files or environment variables. Note: the SKILL.md calls out using a 'web_fetch' action to retrieve full texts — that runtime capability is assumed but not declared in the skill metadata.
Install Mechanism
ok: No install spec and no code files are present, so nothing is written to disk or downloaded. This is the lowest-risk pattern for a skill of this type.
Credentials
ok: The skill requests no environment variables, credentials, or config paths, which is appropriate for a public news aggregator. However, because it does not request official API keys (Twitter/X, GitHub, paywalled sources), the instructions imply web scraping rather than authenticated API use — a design choice with reliability and ToS implications but not a direct credential risk.
Persistence & Privilege
ok: `always` is false and the skill does not ask to persist tokens or modify other skill configs. Autonomous invocation is allowed by default (platform behavior) — that is normal for skills and not a problem here by itself.