Miniflux

Pass

Audited by ClawScan on May 1, 2026.

Overview

The Miniflux skill matches its stated feed-reading purpose, but it needs a Miniflux API key, may save that key locally, can change article read status, and installs an external Python dependency via uv.

This skill appears reasonable for Miniflux use. Before installing, be comfortable giving it a Miniflux API key, decide whether local credential storage is acceptable, confirm state-changing actions such as mark-read or mark-unread, and consider pinning the Python dependency for reproducible installs.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Claude can access the configured Miniflux account, and the API key may remain on disk for future runs.

Why it was flagged

The CLI uses a Miniflux API key and can persist it to a local config file when CLI flags are supplied. This is expected for the integration, but it creates delegated account access and a local credential.

Skill content

api_key = args.api_key or os.environ.get("MINIFLUX_API_KEY") or config.get("api_key") ... json.dump({"base_url": base_url, "api_key": api_key}, f, indent=2)

Recommendation

Use a least-privilege Miniflux token if available, prefer environment variables or secret storage over command-line flags, and check permissions on ~/.local/share/miniflux/config.json.

What this means

The agent can mark articles as read or unread, which affects what appears in the user's Miniflux account.

Why it was flagged

The skill exposes state-changing Miniflux actions for specified article IDs. These are purpose-aligned and scoped, but they can change account state.

Skill content

client.update_entries(args.entry_ids, "read") ... client.update_entries(args.entry_ids, "unread")

Recommendation

Have the agent list or confirm article IDs before marking multiple items read or unread, especially if unread status is important to your workflow.

What this means

First use may install a newer dependency version than the author originally tested.

Why it was flagged

The uv script resolves an external Python package using a lower-bound version range. This is normal for a CLI integration, but dependency behavior can change over time without a pinned version or lockfile.

Skill content

dependencies = ["miniflux>=1.1.4"]

Recommendation

For higher assurance, pin the miniflux package version or use a lockfile/reviewed environment before running the skill.

What this means

Private or sensitive feed article content could be shared with a delegated subagent during summarization.

Why it was flagged

The instructions may delegate long article content to another agent context for summarization. This is purpose-aligned, but the data boundary for private feed content is not described.

Skill content

If >5000 words, use a subagent to read and summarize

Recommendation

Avoid subagent summarization for sensitive feeds unless that delegation is acceptable in your environment.