ClawHub

Threat Briefing

v1.0.0

Generate a daily or weekly cybersecurity threat briefing from open sources. Covers new vulnerabilities, active exploits, ransomware campaigns, APT activity,...

0· 146·0 current·0 all-time
bySolomon Neas@solomonneas
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the actual content: SKILL.md contains a structured template and a list of open-source threat intelligence outlets. The skill does not request unrelated binaries, credentials, or system access.
Instruction Scope
Runtime instructions are scoped to assembling a briefing from public sources and tailoring recommendations. They do not ask the agent to read local files, access unrelated environment variables, or transmit data to unexpected endpoints. The skill assumes the agent can consult public sources (news sites, CISA, NVD), which is appropriate for its purpose.
Install Mechanism
No install spec and no code files — nothing will be written to disk or installed. This is the lowest-risk installation footprint and is proportionate for a template/instruction skill.
Credentials
The skill declares no required environment variables, credentials, or config paths. That matches the stated purpose (open-source briefing generation). There are no unexplained requests for secrets or system credentials.
Persistence & Privilege
Flags are default (not always), and autonomous invocation is allowed by platform default. The skill does not request persistent presence or elevated privileges and does not modify other skills or agent-wide config.
Assessment
This skill is a template-only briefing generator and appears coherent and low-risk: it doesn't install software or ask for secrets. Before installing, confirm whether the agent runtime has the expected web access to the listed sources (CISA, NVD, news sites). Be aware that the agent may need to fetch pages and could accidentally summarize false or paywalled content — verify IOCs and actionable recommendations before applying them. If you have sensitive internal context you want included, prefer providing it explicitly rather than granting broad agent access to internal systems. If you want stricter data handling, consider adding constraints (allowed sources list, explicit TLP markings other than WHITE) or requiring review before publishing briefings.

Like a lobster shell, security has layers — review code before you run it.

latestvk973144akrebf50dnbd36hp1hd83a4ny

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments