Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

naver-news-briefing

v1.3.2

Search, brief, and monitor South Korean Naver News via the Naver Search API using natural-language Korean queries. Use when the user wants a Naver news briefing, a summary of the last N days of news, 제...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description, CLI commands in SKILL.md, and the included Python modules consistently implement a Naver Search API-based news search/brief/watch system. The code calls only the Naver Search endpoint (openapi.naver.com) for queries and implements local persistence (data/config.json, SQLite DB) and scheduling guidance; nothing in the code requires unrelated cloud credentials or unrelated binaries.
Instruction Scope
Runtime instructions in SKILL.md are narrow and concrete: run the CLI script, perform setup to store client_id/client_secret, then use search/watch/group/brief-multi commands. The instructions reference only local files (data/config.json, data/ DB) and the Naver API. There are no instructions to read unrelated system files or to call external endpoints other than the official Naver Search API.
Install Mechanism
There is no install spec — the skill is instruction-first and ships Python code. That is the lowest-risk install pattern for this type of CLI skill. The repository includes code files but no third-party remote download/install steps.
Credentials
The skill requests no environment variables (credentials are provided via the CLI and saved to data/config.json). However, the repository includes a populated data/config.json containing a client_id and a base64 blob client_secret_enc. Shipping a filled config in the repo is unexpected: the client_id and encrypted client_secret example may be real or sensitive. Additionally, the code uses DPAPI only on Windows; on non-Windows platforms the client_secret will be stored in plain text in data/config.json — so secrets provided on Linux/macOS will be persisted unencrypted unless you handle them externally. This is proportionate for the stated purpose (the tool needs a Naver client_id/secret), but the committed config and plain-text fallback on non-Windows warrant caution.
Persistence & Privilege
The skill persists its own state under its data/ directory (data/config.json and a local SQLite DB) and does not request always:true or modify other skills' configs. Autonomous invocation is allowed (platform default). The persistence is limited to the skill's own files and is consistent with its functionality.
Scan Findings in Context
[base64-block] expected: A base64-like block is present in data/config.json as client_secret_enc (DPAPI-encrypted secret). Finding a base64 blob is expected for an encrypted secret stored for DPAPI use, but including such a filled config in the repository is unusual and should be validated (ensure it is not your real secret).
Assessment
What to check and do before installing/using this skill:
- Verify the committed data/config.json: the repo already contains a client_id and an encrypted client_secret_enc blob. Confirm these are dummy/example values and not your real credentials. If they are real, remove them from the repo and rotate the secret in Naver Developer Center.
- Know where secrets are stored: the CLI stores credentials in data/config.json. On Windows the skill attempts DPAPI encryption; on non-Windows platforms the code falls back to storing the secret in plain text. If you will run this on Linux/macOS, avoid entering secrets that you don't want persisted in cleartext, or store them using an external secret manager and keep data/config.json out of version control.
- Inspect network targets: the code uses the official Naver Search API endpoint (https://openapi.naver.com/v1/search/news.json) only; there are no hidden external endpoints in the files reviewed. If you plan to run the skill in production, run it in a controlled environment and monitor outbound requests to confirm behavior.
- Consider runtime isolation: run the tool under a limited user account and do not run it as a privileged/system account. The skill writes to its own data/ folder and a local SQLite DB; ensure those files are not world-readable if they will contain sensitive secrets.
- If you will commit this project or share it, remove any credentials from data/config.json before committing. If you need encrypted-at-rest secrets on non-Windows hosts, integrate with an appropriate secret store rather than relying on the provided plain-text fallback.

Overall: the skill is coherent with its stated purpose. The main actionable caution is the presence of a populated config JSON and the plain-text storage fallback on non-Windows; verify and sanitize secrets before use.
