Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (AI intelligence sentinel) match the included files and instructions: multiple parsers, collection, analysis, and reporter scripts plus WebUI are present. Declared required env/configs are minimal and consistent with optional Twitter/GitHub settings described in docs.
Instruction Scope
SKILL.md explicitly instructs running python scripts (scripts/collect.py, scripts/reporter.py) which perform network scraping/API calls against GitHub, arXiv, HackerNews, RSS, Twitter/X, and configured websites. The instructions do not attempt to access unrelated system areas, but collector/parsers will fetch arbitrary URLs from config (including user-added custom sources). The docs also reference storing API keys in config or environment; SKILL.md itself does not declare required secrets but runtime behavior will skip Twitter if token is not provided.
Install Mechanism
No install spec is present; this is a local Python script collection requiring typical pip packages (requests, feedparser, pyyaml, jinja2, schedule). No remote download/extraction or obscure third-party installers are used. Code is included in the bundle rather than fetched at install time.
Credentials
The skill declares no required env vars. Documentation and parsers optionally use API credentials (Twitter bearer token, optional GitHub token) stored in config/settings.yaml or environment variables. Requesting such tokens is proportional to the stated integrations, but users should avoid placing secrets in tracked files and be mindful that configurable 'custom' sources may point to arbitrary endpoints.
Persistence & Privilege
The skill is not set to always:true and does not request elevated persistent privileges. It writes reports and output files to local directories (reports/, output/) as expected; there is no evidence it modifies other skills or system-wide agent settings.
Assessment
This package appears to do what it claims (crawl multiple public AI sources, score, and emit Markdown reports). Before running it: (1) review and edit config/sources.yaml to avoid subscribing to unknown or internal URLs; (2) do not place real API secrets into tracked repo files — use environment variables or an ignored config; (3) if you plan to run this on a server with access to internal networks, consider isolating it (container/VM) because the collector will fetch arbitrary configured URLs (risk of SSRF or scraping internal endpoints); (4) inspect any custom parser code you add (scripts/parsers/) since parsers execute network requests and can be pointed at attacker-controlled endpoints; (5) run in a non-production environment first to confirm behavior. If you want a deeper assessment, provide the omitted/truncated files (the static scan noted many files were truncated) so I can check for hidden endpoints or obfuscated code.Like a lobster shell, security has layers — review code before you run it.
latestvk97ey8wrry4r4yqzpw0zj84ked84mkqb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.