v1.1.1

Buzz

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:18 AM.

Analysis

Buzz appears aligned with its news-push purpose, but it deserves review because its REST dashboard can be exposed without authentication while managing stored bot/API credentials and it installs runnable code from an external GitHub/npm source.

Guidance

Before installing, review the GitHub source, pin a trusted version if possible, set dashboard.password before starting, restrict the dashboard to localhost or a protected network, and treat config.json as a secrets file containing bot tokens, API keys, and webhook URLs.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
`POST /api/config` accepts partial updates... If `dashboard.password` is empty, the REST API is **unauthenticated**... The server binds to `0.0.0.0` by default.

The documented REST API can mutate runtime configuration, and the same artifact says the service may be unauthenticated and network-exposed by default.

User impact: If the dashboard is reachable on a network without a password, another user could change feeds, notification destinations, or other alert settings.
Recommendation: Set a strong dashboard.password before starting, bind or firewall the service to trusted interfaces only, and require explicit user approval before running config-changing API calls.
Agentic Supply Chain Vulnerabilities
Severity: Low. Confidence: High. Status: Note.
SKILL.md
git clone https://github.com/zxcnny930/buzz.git
cd buzz
npm install
npm start

The setup runs code and dependencies fetched from an external repository at install time; this is user-directed and purpose-aligned, but the runnable app is not included or pinned in the provided artifacts.

User impact: You are trusting the current state of the GitHub repository and its npm dependency tree when installing.
Recommendation: Review the repository before running it, prefer a pinned release or commit, and inspect dependency lockfiles where available.
Rogue Agents
Severity: Low. Confidence: High. Status: Note.
SKILL.md
Install, run, and manage a real-time news aggregator with Discord & Telegram push notifications. All configuration is done via REST API with hot-reload

The service is designed to keep running, poll sources, hot-reload settings, and send notifications; this persistence is expected for the stated purpose but should be understood before installation.

User impact: The service may continue using network access and configured credentials until you stop it or disable sources.
Recommendation: Run it in a controlled environment, know how to stop the process, and periodically review enabled sources and notification settings.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium. Confidence: High. Status: Note.
SKILL.md
`config.json` stores API keys, bot tokens, and webhook URLs locally... `telegram`: {`botToken`: `123456:ABC-DEF`}... `ai`: {`apiKey`: `xai-...`}

The skill expects locally stored credentials for Discord/Telegram/webhook/AI integrations, which is aligned with push notifications but gives the service delegated account authority.

User impact: Exposure of the config file or dashboard could let someone send through your bots/webhooks or consume paid API quota.
Recommendation: Use least-privileged tokens, keep config.json out of version control, protect the dashboard, and rotate any token that may have been exposed.