ClawHub

ZAKER行业热门新闻-category news

v1.0.6

获取ZAKER按行业分类的热门新闻(娱乐、科技、财经等)。Use when the user asks about 科技新闻, 财经新闻, 体育新闻, 娱乐新闻, 行业新闻, 互联网动态, 汽车新闻、国内新闻、国际新闻、军事新闻、finance news, tech news, sports news, indu...

0· 66·0 current·0 all-time
byZAKER@zaker-coder
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description claim to fetch category news from ZAKER and the files/instructions do exactly that: they build a GET request to https://skills.myzaker.com/api/v1/article/category and parse/format the returned JSON. There are no unrelated credentials, binaries, or broad accesses requested.
Instruction Scope
SKILL.md and the included scripts only instruct the agent to detect a category, call the specified API endpoint with an app_id, and format results. They do not instruct the agent to read local files, access unrelated environment variables, or transmit data to other endpoints.
Install Mechanism
No install spec is provided (instruction-only). Two small helper scripts are included; they use standard network calls. There is no download-from-arbitrary-URL or extracted archive that would raise a code-injection concern.
Credentials
The skill requires no environment variables, no credentials, and no config paths. The Python script uses the requests library and the shell script optionally uses jq — these are reasonable, proportional runtime dependencies.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or modify other skills/configs. It only performs runtime HTTP requests and local output formatting.
Assessment
This skill appears coherent and limited to fetching category news from the specified API. Before installing, consider: (1) the endpoint is external (https://skills.myzaker.com) and the skill will make outbound HTTP requests — ensure you trust that domain and your network policy allows it; (2) the Python example requires the requests package and the shell example references jq — ensure those runtime dependencies are acceptable; (3) the skill has no homepage and source is listed as unknown, so if you require provenance verify the endpoint or ask the publisher for more details. If you plan to share sensitive context with the agent, avoid including secrets in queries because the skill will send query parameters in outbound requests (though this skill does not request credentials itself).

Like a lobster shell, security has layers — review code before you run it.

latestvk97apnkeh7s4v8cybyktka3rs584520r

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments