Skill v1.0.0

ClawScan security

newsletter-init · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 3, 2026, 9:50 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only newsletter generator whose declared requirements and instructions are coherent with its stated purpose and do not request unexplained credentials or installs.
Guidance
This skill is a high-level playbook + templates for producing newsletters and is internally consistent. Before using it: (1) confirm how your agent will perform web searches and whether it will scrape social media sites (some sites require API keys or have scraping rules); (2) if you want periodic delivery, plan which delivery channel (email, Slack, etc.) to integrate and only provide the minimum credentials to the integration you trust; (3) because the SKILL.md is open-ended about data sources and selection logic, review the agent's actual actions during initial runs to ensure it only accesses permitted sources and does not post or exfiltrate content without explicit setup; (4) since the skill is instruction-only, it does not install code locally — this reduces risk but also means implementation depends on the agent/runtime environment, so verify network and scraping behaviors in a controlled test before enabling recurring automation.

Review Dimensions

Purpose & Capability
ok: Name/description (personalized newsletter generation) align with the contents of SKILL.md and the two included templates. There are no unexpected required binaries, environment variables, or install steps that would be disproportionate to a newsletter-generation skill.
Instruction Scope
note: Instructions stay within the newsletter generation scope (search, filter, organize, produce templates). However they are high-level and grant the agent broad discretion about how to perform searches (including 'social media', 'RSS', '网站') and how to implement '智能筛选' and '推送' — the SKILL.md does not specify which APIs/endpoints or delivery mechanisms to use. This is consistent with the stated purpose but is intentionally open-ended and could require additional explicit user configuration (e.g., which services to access, whether to authenticate).
Install Mechanism
ok: Instruction-only skill with no install spec or code files that execute on the host. No downloads or archive extraction — lowest install risk.
Credentials
ok: The skill declares no required environment variables, credentials, or config paths. That is proportional to a generic instruction template. Note: if the user enables scheduled pushes or integrations (email, Slack, social posting, RSS readers), those will require service-specific credentials which are not requested by the skill itself and should be supplied deliberately and minimally by the user.
Persistence & Privilege
ok: always:false and user-invocable:true (defaults). The skill does not request persistent system presence or modification of other skills/configs. Autonomous invocation is allowed by platform default but the skill does not claim escalated privileges.