Neovim Daily Digest
v1.0.0Build a filtered Markdown digest of important r/neovim posts by combining Reddit RSS feeds (`top/day`, `new`, and `hot`) and prioritizing Neovim tips, plugin...
⭐ 0· 53·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description align with the included Python script and filtering notes. The script fetches Reddit RSS, applies heuristics, and produces digest output — all expected for a Neovim digest skill.
Instruction Scope
SKILL.md instructs running the included script and to consult references/filtering.md for heuristics. It uses an absolute user-specific path (/Users/fox/.openclaw/...) in examples — this is not a security issue but is brittle and should be updated to the skill's runtime path or a relative invocation. The instructions do not ask the agent to read unrelated files or secrets.
Install Mechanism
There is no install spec (instruction-only with a code file). No downloads or package installs are performed. The only external resources are RSS feeds (reddit.com) and GitHub links, which are appropriate for the stated task.
Credentials
No environment variables, credentials, or config paths are requested. One runtime detail: the script falls back to calling curl via subprocess if urllib fails, so a curl binary may be used (not declared). This is reasonable but worth noting since the skill assumes network access and may invoke curl if Python's HTTP call errors.
Persistence & Privilege
The skill does not request persistent or elevated privileges and does not set always:true. It is user-invocable and can be run autonomously (platform default), which is normal for this type of skill.
Assessment
This skill appears internally consistent and matches its description. Before installing: (1) review the script if you want to be sure of the behavior (it fetches Reddit RSS and may call curl on failure); (2) be aware it needs outbound network access to reddit.com and will read post content and links (including GitHub links) but does not request any secrets; (3) update or avoid the example absolute /Users/fox path when running on your system — run the script from the skill workspace or use a relative path; (4) run the script in a sandbox the first time if you want to confirm behavior and output. If you want extra assurance, open the included scripts/neovim_digest.py and references/filtering.md to verify there are no unexpected remote endpoints or credential uses (none were found in this review).Like a lobster shell, security has layers — review code before you run it.
digestvk97fc4qv086hncy0b4b48raxpx83rerglatestvk97fc4qv086hncy0b4b48raxpx83rergneovimvk97fc4qv086hncy0b4b48raxpx83rergredditvk97fc4qv086hncy0b4b48raxpx83rerg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.