Skillv1.0.0

ClawScan security

AI News Simple · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousMar 1, 2026, 11:13 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill is largely a simple curl+grep news scraper and is coherent with its stated goal, but it makes unclear and contradictory claims about using a '70B model' while also claiming 'no external dependencies' and provides no instructions or credentials for that model — this mismatch warrants caution.
Guidance: This skill is basically a set of bash snippets that curl 10 AI news sites and grep for keywords, which is consistent with an 'AI news briefing' purpose. Before installing, consider: (1) The SKILL.md claims use of a 'Llama 3.1:70B' model but gives no instructions on how to run or access that model — clarify whether the agent will use a local model or an external API (and if the latter, what credentials will be required). (2) If the agent will forward scraped content to a third-party model/API, that could leak the fetched text — confirm data residency and privacy policies. (3) Scraping sites with curl+grep is brittle and may violate some sites' terms or anti-scraping rules; consider rate-limiting and robots.txt compliance. (4) The skill does not request secrets or installs, so it does not appear to directly exfiltrate credentials, but the model-handling ambiguity is the main risk. If the author can confirm local-only model use (no external API) or add explicit credential fields and transparent invocation steps, the remaining concerns would be resolved.

Review Dimensions

Purpose & Capability: noteThe name and description (AI news briefings) align with the runtime instructions: a bash script that uses curl to fetch pages and grep to extract AI-related lines. Requiring only curl is proportionate to the scraping task. However, the SKILL.md repeatedly references a '70B model' (Llama 3.1:70B) as part of the workflow while the registry and instructions provide no mechanism (no install, no env var/API key, no guidance) to run or access such a model. The README/package.json also claim 'no external dependencies' but still recommend the 70B model — this is an internal inconsistency.
Instruction Scope: noteThe instructions stay within the task of fetching and filtering webpages with curl and grep and producing Chinese briefings; they do not instruct reading arbitrary local files or other credentials. Concern: the instructions do not show how the fetched content is handed to any LLM for 'Chinese generation' — it claims model-enhanced output without specifying whether content is sent to an external API or a local model. That ambiguity could hide data transmission to third-party services if the agent implementation sends scraped text to an external model.
Install Mechanism: okThere is no install spec and no code files with executable installs; the skill is instruction-only and relies on curl being present. This is low-risk from an install/execution perspective.
Credentials: noteThe skill declares no required environment variables, credentials, or config paths — which is appropriate for a simple scraper. However, the repeated references to using a 70B model are unsupported by any declared primary credential or env vars; if the intended model is an external hosted API, the skill currently omits the necessary credential declarations, which is an inconsistency to be aware of.
Persistence & Privilege: okThe skill does not request always:true and has no install behavior that modifies other skills or system-wide settings. It does not request elevated persistence or privileges beyond normal agent invocation.