AK RSS 24h Brief
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears to be a purpose-aligned RSS briefing tool that fetches OPML/feed URLs and outputs a Chinese summary, with no evidence of credential use, persistence, exfiltration, or destructive behavior.
Before installing, confirm you trust the OPML source and understand that the skill will fetch remote RSS/Atom feeds. There is no evidence of malicious behavior, but custom OPML files should be reviewed because they control which URLs the script contacts.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill may contact up to many external feed servers and expose normal network metadata such as the user's IP address and request timing.
The skill is designed to fetch an OPML source and then fetch feed URLs listed inside it. This is expected for an RSS brief, but it means an untrusted OPML could cause outbound requests to many URLs.
`--opml-url` / `--opml-file`: OPML source ... `--max-feeds`: max feeds to fetch (default `200`)
Use OPML files or URLs from trusted sources, lower `--max-feeds` if needed, and review custom OPML lists before using them.
Users have less provenance information to help decide whether they trust the skill publisher.
The skill has limited provenance information and no homepage. The included behavior is simple and purpose-aligned, but users have less external context for the publisher or source.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the included script and prefer installing from publishers or repositories you trust.