Follow News
Advisory
Audited by Static analysis on May 12, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may not work as installed, or a user may need to obtain unreviewed code from an external source to make it functional.
The skill relies on helper scripts such as run-pipeline.py, validate-config.py, and source fetchers, but the provided manifest lists only SKILL.md and no install spec/code files. That limits review of the actual runnable implementation.
Run `run-pipeline.py` first, then render with the requested template.
Use only a verified repository/version and review the referenced scripts before running them or giving them credentials.
If over-scoped or mishandled, these credentials could expose provider accounts or GitHub App access.
The skill discloses optional provider credentials for Twitter/X, search, and GitHub access. These are purpose-aligned for collecting news and rate-limit handling, but they are sensitive account credentials.
GETX_API_KEY ... X_BEARER_TOKEN ... TWITTERAPI_IO_KEY ... GITHUB_TOKEN ... GH_APP_KEY_FILE ... Path to GitHub App private key PEM file
Provide only the minimum read-only credentials needed, avoid broad GitHub tokens/private keys where possible, and rotate any key used with unreviewed helper scripts.
Running the skill may open or close browser tabs/windows and could use the active account context depending on the OpenCLI setup.
The skill may use OpenCLI/browser automation for X/Twitter collection. This is disclosed and aligned with KOL monitoring, but browser automation can interact with user sessions or browser windows.
OPENCLI_CLOSE_TABS_AFTER_RUN ... close OpenCLI-created X/Twitter tabs ... OPENCLI_CLOSE_CHROME_WINDOWS_AFTER_RUN ... close Chrome automation windows opened by OpenCLI on macOS
Run browser-backed collection in a dedicated browser profile/account and confirm what OpenCLI can access before using it.
