Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
DataPulse
v0.8.1
Cross-platform content collection, web search, trending topics, confidence scoring, and watch/triage workflows for assistant and agent usage.
by vincent.sun @sunyifei83
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (medium confidence)
Purpose & Capability
Name/description (cross-platform content collection, trending, scoring, watch/triage) match the included collectors, triage/workflow modules, and console/server pieces. Required binary is only python3 which is appropriate for a Python skill; optional capabilities (Playwright, yt-dlp, transcript/backends) are documented and align with the collectors implemented.
Instruction Scope
SKILL.md spells out runtime behavior: read target URLs, optional browser login (opt-in), local server only when explicitly started, alert POSTs only when user-configured routes exist. The code implements network calls to many third-party endpoints (websites, Jina/Tavily/Groq, social platforms) and writes session files to ~/.datapulse and JSON data under the working directory. This is consistent with the stated scope — but it does read environment variables and local test env vars (DATAPULSE_SMOKE_*, DATAPULSE_LOCAL_TEST_CONTEXT, JINA/TAVILY/GROQ, Telegram keys) which are not declared as required in the registry metadata (they are documented as optional in SKILL.md).
Install Mechanism
The skill has no install spec (instruction-only in registry), yet the code contains many third-party imports (requests, bs4, feedparser, youtube_transcript_api, Playwright) and calls out optional extras (datapulse[browser], datapulse[console]). No automated dependency installation is declared in the registry metadata — the runtime will fail or behave differently unless the environment already has the needed packages and external tools (yt-dlp, Playwright browsers). This is a usability and deployment risk rather than an outright malicious signal, but you should expect to install dependencies manually or run in an environment with those packages available.
Credentials
The skill requests no required env vars in registry metadata, and SKILL.md lists a set of optional API keys (JINA_API_KEY, TAVILY_API_KEY, GROQ_API_KEY, TG_API_ID/HASH, various DATAPULSE_SMOKE_* test URLs). All of these map to documented features (search backends, transcription, Telegram integration, smoke tests). There is no request for unrelated credentials (AWS, SSH keys, etc.). However, the code references secret accessors (get_secret/has_secret), and several env keys are used at runtime if present — the registry not listing any env requirements is acceptable but you should be aware these optional keys, if set, will be used.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). The skill writes session state to ~/.datapulse/sessions/ and stores mission/triage/story data as JSON in the working directory (data/). SKILL.md documents these locations and states writes are opt-in (e.g., login to capture Playwright sessions, enabling alert routes, running the console). The skill does not claim to modify other skills or system config.
Assessment
This package appears to do what it says: scrape and normalize content across many platforms, optionally use browser automation, run transcripts, and persist watch/triage data. Before installing or running it: (1) run it in an isolated environment (virtualenv/container) because it needs many Python packages and may call external binaries (yt-dlp, Playwright browsers); (2) only set optional API keys (JINA/TAVILY/GROQ/Telegram) if you trust the code and want those backends enabled; (3) be aware it will write session files to ~/.datapulse and data/ in the working directory — inspect those directories if you want to avoid leaving sensitive session state on disk; (4) the skill will make outbound HTTP requests to many public services and the target URLs you provide — if you need to prevent network egress, do not run it with network access; (5) because there is no install spec, manually install the documented optional dependencies (or use the project's extras) before use; (6) if you want higher assurance, review the remaining omitted source files (core/security.py, core/ops.py, etc.) to verify secret handling and subprocess usage. If anything in the omitted files looks like it reads unrelated credentials or posts data to unknown endpoints, treat that as a red flag.
Like a lobster shell, security has layers — review code before you run it.
latest vk971zkz50sr9x9x4wpq13yvtnx82jpsg
Runtime requirements
Bins: python3
