Tmtpost Summarizer
v1.3.0钛媒体(https://www.tmtpost.com/)文章阅读与资讯总结助手。支持四种模式:(1) 读取最新文章并深度总结;(2) 从快报频道汇总当前最新十条热点资讯;(3) 关键词过滤模式;(4) 指定URL直接总结;(5) 多篇横向对比分析。触发词:帮我看钛媒体、钛媒体快报、最新十条、关键词XX的钛媒体、...
⭐ 2· 40·0 current·0 all-time
byshj_X@shaohaojie1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (Tmtpost article summarizer) match the included scripts and SKILL.md. All network calls target tmtpost.com pages and the prompt templates describe article/nictation summarization. No unrelated services, credentials, or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to fetch tmtpost URLs (homepage, /nictation, or user-provided article URLs) and then format summaries using the provided prompt template. The included shell scripts perform only site fetches, simple parsing, and local caching. They do not read unrelated system files or exfiltrate data to third-party endpoints.
Install Mechanism
No install spec or remote downloads; the skill is instruction-only with bundled shell scripts. Scripts are run locally (curl, grep, python3), which is expected for this functionality and poses normal local-execution risk but no hidden installer behavior.
Credentials
The skill requires no environment variables or credentials. It writes/reads a local cache directory (XDG_CACHE_DIR or $HOME/.cache/tmtpost), which is proportionate to its caching behavior. No secrets or unrelated config paths are requested.
Persistence & Privilege
always is false and the skill does not modify other skills or global agent settings. It stores cache files only under a per-user cache directory. No elevated or persistent privileges are requested.
Assessment
The skill appears coherent and limited to scraping and summarizing tmtpost.com pages. Before installing, review the bundled scripts (they will run curl, grep and python3) and note they will create/read a cache under XDG_CACHE_DIR or ~/.cache/tmtpost. The skill accepts user-provided URLs—avoid giving internal or sensitive URLs (SSRF / internal access risk if the agent environment can reach internal networks). Keywords are used as grep/regex patterns (may match more than expected) but there are no requested secrets or external endpoints. If you want extra safety, run the skill in a sandboxed environment or inspect/modify the scripts to restrict allowed hostnames to tmtpost.com.Like a lobster shell, security has layers — review code before you run it.
latestvk9799yzf2chn5r3mhj1ewwt45d845chj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.