The skill accesses sensitive environment variables and
Claims to do
Tech News Digest: Automated tech news digest system with unified data source model, quality scoring pipeline, and template-based output generation.
Actually does
This skill executes Python scripts to fetch tech news from RSS feeds, Twitter/X APIs, Brave/Tavily web search APIs, GitHub APIs (releases and trending), and Reddit's public JSON API. It processes this data by merging, deduplicating, and scoring articles, then generates output in various formats (Discord, email, PDF) using templates. It uses `openssl` for GitHub App JWT signing and `gh` CLI for token fallback, and can send emails via `mail` or `gog` and generate PDFs via `weasyprint`.
openclaw skills install dinstein/tech-news-digest
Access to sensitive environment variables detected
$GITHUB_TOKEN
The skill executes Python scripts and external binaries (`openssl`, `gh`) via subprocess calls. While the skill claims strict control over arguments, this capability could be abused if the argument sanitization or the agent's adherence to instructions were compromised.
python3 scripts/run-pipeline.py
openssl dgst -sha256 -sign
gh auth token
The skill requires a path to a GitHub App private key file via an environment variable, which is used by `openssl` for JWT signing. Handling private keys, even with declared secure usage, is a sensitive operation.
GH_APP_KEY_FILE="/path/to/key.pem" Path to GitHub App private key PEM file
The skill declares and uses several optional external binaries (`mail`, `msmtp`, `gog`, `weasyprint`) for specific functionalities like email delivery and PDF generation. A compromise in how the skill invokes these binaries could potentially lead to unintended actions or resource abuse.
optionalBins: ["mail", "msmtp", "gog", "gh", "openssl", "weasyprint"]