Skill v1.0.0

ClawScan security

Find RSS · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 8, 2026, 11:27 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent with its stated purpose (discovering RSS/Atom feeds). It contains a small shell script that fetches pages and tests common feed paths, and it does not request unrelated credentials or install steps. Minor notes: the CLI tools it requires are undeclared, and it carries the typical network-probing risks.
Guidance
This skill appears to do exactly what it says: a local shell script fetches the given URL and checks HTML and common paths for RSS/Atom feeds. Before installing, verify you are comfortable with the skill running curl/grep/sed on URLs you provide (these tools are not listed as required but are used by the script). Do not give it internal or sensitive network addresses if the agent has access to your internal network (it will attempt arbitrary HTTP requests and could be used to probe internal hosts). If you want extra caution: inspect the script yourself, run it in a sandbox or limited environment, and consider disabling autonomous invocation or restricting the skill so it only runs on user confirmation.

Review Dimensions

Purpose & Capability
note
The name/description match the included behavior: the SKILL.md and scripts/search logic both implement feed discovery. One minor mismatch: the skill declares no required binaries, but the script relies on standard CLI tools (curl, grep, sed, sort, head). This is expected for a shell script but should have been declared.
Instruction Scope
ok
The SKILL.md and script stay within scope: they fetch a provided URL, parse HTML for <link> tags, and probe common feed paths. The instructions do not read unrelated files, request secrets, or send discovered data to third parties. Note: the script will perform arbitrary HTTP(S) requests for whatever URL is given, so it can be used to probe internal or restricted hosts if run in an environment with such network access (SSRF-style risk).
Install Mechanism
ok
No install spec; this is an instruction-only skill with a small shell script included. Nothing is downloaded from external sources or written to unusual locations during installation.
Credentials
ok
The skill requests no environment variables, keys, or credentials. The script uses only the provided URL and makes network calls to that target; no secret access is required or requested.
Persistence & Privilege
ok
"always" is false and the skill does not modify other skills or system configuration. It does not request persistent privileges or self-enable behavior beyond normal autonomous invocation (which is the platform default).