Intelligence Suite

Advisory

Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the skill may make outbound requests to arbitrary public article websites selected by the feeds, not only to the listed source domains.

Why it was flagged

The script follows article links obtained from external feeds, including Hacker News story URLs, and fetches their content. This is purpose-aligned for a news scanner, but it means the skill may contact third-party domains beyond the named feeds.

Skill content

link: s.url || `https://news.ycombinator.com/item?id=${s.id}`,
...
const content = await fetchContent(item.link);

Recommendation

If you need strict network boundaries, add an allowlist or require confirmation before deep-scraping off-source article links.

Note (High Confidence)
ASI01: Agent Goal Hijack

What this means

A malicious or noisy article page could include text that tries to influence the agent's behavior during summarization.

Why it was flagged

Scraped webpage text is printed into a structured block intended for the main agent to consume. Public web content can contain prompt-like text, so it should be treated as untrusted source material.

Skill content

console.log(`CONTENT_SNIPPET: ${content}`);

Recommendation

Instruct the agent to treat all retrieved article snippets as untrusted data and to ignore any instructions contained inside scraped content.

What this means

A future npm install could pull different dependency versions than the author tested.

Why it was flagged

The skill relies on npm packages with semver ranges and no lockfile in the provided artifacts. This is common for Node-based skills but means installs can resolve to newer package versions.

Skill content

"dependencies": {
  "axios": "^1.6.0",
  "cheerio": "^1.0.0-rc.12",
  "rss-parser": "^3.13.0"
}

Recommendation

Use a lockfile or pinned dependency versions if reproducible installs are important.