ClawHub

Topic Monitor

v1.5.2

Monitor topics of interest and proactively alert when important developments occur. Use when the user wants automated monitoring of specific subjects like pr...

25· 8.1k·57 current·58 all-time
byRobby@robbyczgw-cla·duplicate of @robbyczgw-cla/proactive-research
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (topic monitoring, RSS/GitHub/web-search) match the included artifacts: python scripts (monitor.py, manage_topics.py, setup_cron.py), vendored feedparser, config examples, and a README describing search+feed+alert flows. The optional env vars (telegram id, data dir, web-search-plus path) align with the documented functionality.
Instruction Scope
SKILL.md instructs running local Python scripts to poll web search, RSS/Atom, and GitHub Atom feeds and to emit structured alerts. That scope is appropriate. Minor wording inconsistency: README claims "No direct HTTP calls" for alerting/search integration (meaning alert delivery is agent-mediated), but feed fetching (feedparser) necessarily performs outbound HTTP to retrieve feeds/releases — this is expected for a monitor but the phrasing could confuse readers.
Install Mechanism
No external install step is required and all required code is bundled (vendored feedparser). There are no remote download URLs or extract steps in the install spec, which reduces supply-chain risk.
Credentials
No required credentials or secrets are declared. Optional env vars (TOPIC_MONITOR_TELEGRAM_ID, TOPIC_MONITOR_DATA_DIR, WEB_SEARCH_PLUS_PATH, and optional search provider API keys forwarded to a subprocess allowlist) are proportional to the features described. The package does not request unrelated cloud credentials or system tokens.
Persistence & Privilege
The skill is not force-included (always:false) and uses local state files (default .data/). It does not request elevated platform privileges or modify other skills. Autonomous invocation is allowed by default (normal for skills) but is not combined with other troubling flags.
Assessment
This skill appears to be what it says: a local Python-based topic monitor that polls web search, RSS/Atom feeds, and GitHub release Atom feeds and emits structured alerts. Before running it: 1) review config.json and set TOPIC_MONITOR_DATA_DIR to a folder you control (state is stored locally); 2) if you want delivery to Telegram/Discord, confirm how your OpenClaw agent sends messages — the skill documents agent-mediated delivery rather than embedding third-party tokens; 3) if you provide web-search provider API keys, be aware those keys may be forwarded to the search subprocess per the documented allowlist (PATH, HOME, LANG, TERM + provider keys); 4) run the scripts in a controlled environment first (dry-run) to observe behavior; and 5) note the changelog entry about a previously removed personal chat id — ensure your config does not contain any stale hardcoded identifiers. Overall the package is coherent and proportionate to its purpose, but you should still inspect and run it in a sandbox if you have high security requirements.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c14magdy8b8ysp2tq8ysgb583tbm3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3

Comments