ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Use ClawRSS

v2026.3.29

Use the ClawRSS OpenClaw plugin to manage RSS feeds, persist web results, pull saved items, work with digest articles, and send Apple push notifications afte...

0· 88·0 current·0 all-time
by@ipocket-app

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for ipocket-app/use-clawrss.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Use ClawRSS" (ipocket-app/use-clawrss) from ClawHub.
Skill page: https://clawhub.ai/ipocket-app/use-clawrss
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Config paths to check: plugins.entries.clawrss.enabled
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install use-clawrss

ClawHub CLI

Package manager switcher

npx clawhub@latest install use-clawrss
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name, description, and SKILL.md consistently describe managing RSS feeds, saving/searching articles, digest workflows, and push notifications. The single required config path (plugins.entries.clawrss.enabled) matches that purpose and there are no unrelated env vars or binaries requested.
Instruction Scope
Runtime instructions are narrow and focused: they direct the agent to call specific OpenClaw tools (openclaw_rss_*, openclaw_push_*, web_search) and to verify outcomes. The skill does not instruct the agent to read unrelated files, request extra credentials, or exfiltrate data to unknown endpoints. It does rely on a workspace ID and on the platform's web_search/push tools, which will transmit data to their normal endpoints.
Install Mechanism
Instruction-only skill (no install spec and no code files). This is low-risk from an install/execution perspective because nothing is downloaded or written by the skill itself.
Credentials
The skill requires no environment variables or external credentials in the manifest. The required config path (plugins.entries.clawrss.enabled) is proportionate to its function. The SKILL.md does not attempt to read other env vars or secrets.
!
Persistence & Privilege
The skill is marked always: true in its metadata and agents/openai.yaml allows implicit invocation. always: true forces the skill to be included in every agent run, increasing the attack surface and potential for unexpected autonomous use. The SKILL.md does not justify this permanent presence; most workspace-scoped utility skills do not need to be forcibly always-enabled.
What to consider before installing
This skill appears to do what it says (manage RSS, digests, and push notifications) and it requests no credentials. The main concern is that it is configured always: true (forced into every agent run). Always-enabled skills increase the chance the agent will call RSS/push actions implicitly or at unexpected times. Before installing, consider: 1) Ask the publisher why always: true is necessary — it should not be required for a workspace-scoped RSS tool. 2) If you install, prefer disabling the always flag (or only enable the skill when you need it) so it cannot be implicitly invoked in unrelated tasks. 3) Ensure your ClawRSS push target is correctly configured in the plugin and confirm push status before sending notifications (the SKILL.md warns not to claim delivery if not configured). 4) Because the skill uses web_search and push tools, be aware that content you ask it to save/notify will be transmitted to those services; avoid sending highly sensitive secrets through searches or digests. 5) If you need a higher-assurance decision, request the maintainer to remove always: true and to provide a brief rationale for implicit invocation policy.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Configplugins.entries.clawrss.enabled
latestvk970xgkx3n7ryv3wp395n37pv983sq2m
88downloads
0stars
1versions
Updated 1mo ago
v2026.3.29
MIT-0
@ipocket-app
latest
Download

Use ClawRSS

Use this skill when the user wants to work with ClawRSS after the plugin is installed.

Typical requests:

  • add, list, or remove RSS feeds
  • search the web and save results into ClawRSS
  • pull saved RSS/article items and mark a cursor consumed
  • save, list, read, or push digest articles
  • send a short Apple push notification through the configured ClawRSS push target

Required workspace rule

ClawRSS is workspace-based.

  • Reuse the exact workspace ID as namespace for every ClawRSS tool call.
  • For openclaw_rss_pull and openclaw_rss_mark, use that same value as both namespace and consumer.
  • If the workspace ID is missing and cannot be inferred from the current ClawRSS context, ask for it before writing.

Tool mapping

Use these tools for the matching data type:

  • feeds: openclaw_rss_upsert_feed, openclaw_rss_list_feeds, openclaw_rss_delete_feed
  • web results and article records: web_search, openclaw_rss_ingest, openclaw_rss_pull, openclaw_rss_mark
  • digests: openclaw_rss_save_digest, openclaw_rss_pull_digests, openclaw_rss_get_digest, openclaw_push_notify_digest
  • generic push: openclaw_push_get_status, openclaw_push_notify

Do not confuse feeds, article records, and digest records.

  • Do not call only openclaw_rss_ingest and then say a feed was subscribed.
  • Do not use openclaw_rss_save_digest for normal article search results.
  • Do not claim push delivery succeeded if push is not configured.

Feed workflow

For add or subscribe requests:

  1. Determine the real RSS or Atom feed URL.
  2. Call openclaw_rss_upsert_feed.
  3. Call openclaw_rss_list_feeds with the same namespace.
  4. Confirm success only if the feed appears in the list result.

For remove requests:

  1. Use the exact stored feed URL when possible.
  2. Call openclaw_rss_delete_feed.
  3. Re-list feeds if the user expects verification.

If the user gives only a normal website page and you cannot confirm a real feed URL, say it was not subscribed yet.

Search plus persistence workflow

For latest, trending, breaking, or web-fresh information:

  1. Search the web first.
  2. Normalize results into title, url, kind, snippet, and optional sourceHost, score, publishedAt.
  3. Default kind to article. Use rss only for confirmed feed URLs.
  4. Call openclaw_rss_ingest.
  5. If the user also wants to follow a confirmed feed URL, separately call openclaw_rss_upsert_feed.

Pull and mark workflow

For sync or "show what is stored" requests:

  • Call openclaw_rss_pull with the workspace as both namespace and consumer.
  • Use cursor = null unless the user provides a checkpoint.
  • Use kind = "all" unless the user explicitly wants only rss or only article.

For acknowledge or completion requests:

  • Call openclaw_rss_mark only when the user wants to mark a pulled cursor as consumed.
  • Reuse the same workspace value as both namespace and consumer.

Digest workflow

For summaries or scheduled reports:

  1. Call openclaw_rss_save_digest with jobID, scheduledFor, title, bodyRaw, and bodyFormat.
  2. Use openclaw_rss_pull_digests to list saved digests.
  3. Use openclaw_rss_get_digest to read a specific digest.
  4. Use openclaw_push_notify_digest when the user wants the saved digest delivered.

Default digest delivery to background_then_alert unless the user explicitly asks for only background or only alert.

Generic push workflow

Use openclaw_push_notify only for short manual notifications or task completion notices.

  • Keep title and body brief and factual.
  • If configuration is uncertain, check openclaw_push_get_status first.
  • Prefer openclaw_push_notify_digest when the notification is about a stored digest article.

Response contract

When you finish, report:

  • workspace used
  • tools called
  • what was saved, updated, deleted, pulled, marked, or pushed
  • what was verified
  • any missing user input still required

If the plugin is missing

If the ClawRSS tools are unavailable, tell the user to install or enable the ClawRSS plugin first. Use the standalone install-clawrss skill when available.

Comments

Loading comments...