Skill v1.0.0
ClawScan security
Content Scraper — AI Trend Monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 23, 2026, 1:11 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's purpose (trend monitoring) matches its instructions, but the runtime instructions reference reading and writing local config/data and unspecified notification channels that are not declared elsewhere, creating coherence and disclosure gaps you should understand before installing.
- Guidance: This skill appears to do what it says (monitor social sources and produce reports) but leaves important operational details unspecified. Before installing:
  1. Ask the author for a sample sources.json and for a clear description of what credentials (if any) it will read and where they should be stored; prefer environment variables or a secrets store over plaintext files.
  2. Confirm where reports will be written, whether the agent has permission to write to data/, and how those files are protected.
  3. Clarify the 'notify via configured channel' mechanism and required notification credentials (these are not declared).
  4. If you do not want web scraping, require use of official APIs and document required API keys.
  5. Because the skill source and homepage are unknown, exercise caution: inspect sources.json and any provided configs for secrets before giving the skill access, and consider running initial tests in an isolated environment.
  Providing the missing details (declared config paths, example config, and notification mechanism) would raise confidence.
Review Dimensions
- Purpose & Capability [concern]: Name/description match the SKILL.md (monitor social sources, produce reports). However, the skill expects a local sources.json and writes reports to data/, yet the registry metadata declared no required config paths. That mismatch (reads config, writes files) is unexplained.
- Instruction Scope [concern]: Runtime instructions tell the agent to read sources.json, perform web fetches or web scraping (Twitter, Reddit, YouTube, RSS), save JSON reports to data/trend-report-{date}.json, and 'notify via configured channel'—but do not specify where notification credentials live or how scheduling is implemented. The instructions therefore access local files and external endpoints beyond what the registry metadata declares and leave open where secrets/credentials for notification live.
- Install Mechanism [ok]: Instruction-only skill with no install spec and no code files—lowest install risk. There is no archive download or third-party package installation.
- Credentials [note]: The skill declares no required environment variables; SKILL.md allows optional Twitter API credentials stored in sources.json. That is reasonable for a scraper, but the skill does not declare where notification credentials or other service keys should be provided. Storing API keys in sources.json (a file read by the skill) could expose secrets if that file is not protected—this risk is not documented.
- Persistence & Privilege [note]: The skill requests daily runs and writing persistent report files, but it does not request always:true or other elevated privileges. The platform/agent must provide scheduling and file-write permissions for this to work; the SKILL.md assumes those capabilities without documenting them.
