Automatically collects and summarizes the latest core news for US, Europe, Japan stock markets, gold, and prediction markets. Use when user asks about fund n...
Security Analysis
Medium confidence. The skill's code and runtime instructions perform actions (web searches, writing to /root paths, calling another skill's scripts, pushing to GitHub, sending to Telegram), but the package declares no required credentials or dependencies; the pieces don't line up and need clarification before trusting it.
The skill claims to collect/summarize fund news, which is reasonable, but the implementation references external tooling and side-effects not declared in metadata: it calls a local qveris tool under /root/clawd/skills/qveris, expects a Brave Search API key, saves files into /root/clawd/obsidian-vault, and auto-pushes to a GitHub repo. None of these required credentials, config paths, or inter-skill dependencies are declared in the registry metadata, which is disproportionate to the stated simple news-summary purpose.
SKILL.md instructs running /root/clawd/skills/fund-news-summary/fund_news.py (cron-run at 11:00 BJT) and sending output to Telegram. The script itself also performs Obsidian file writes and GitHub pushes and executes other-skill scripts. The instructions grant broad filesystem and network actions (write to /root paths, call other skill code, push to remote), and SKILL.md does not document required credentials or external endpoints for these actions.
There is no install spec (instruction-only install), which minimizes supply-chain install risk. However, the included Python files use third-party libraries (aiohttp, asyncio patterns) and expect a sibling 'qveris' skill directory and a local git configuration. Without an install step, the required Python packages or the other skill's components may simply be missing; and where those sibling files do exist, the script will execute that local code, which is outside the reviewed package.
Registry metadata lists no required env vars, but the code reads BRAVE_API_KEY and the runtime behavior (Telegram send, Git push) implies additional secrets (Telegram bot token/chat id, Git credentials or SSH key) are needed. This mismatch is a high-risk omission: secrets are required by the code but not declared or scoped in the skill manifest.
The skill is not always-enabled, but it is configured for automated cron execution and performs persistent actions: writing daily notes into /root/clawd/obsidian-vault and auto-pushing to a GitHub repo. It also invokes scripts in another skill directory (/root/clawd/skills/qveris). Those behaviors give it ongoing write/network capabilities and cross-skill execution scope that should be explicitly declared and limited.
Guidance
This package is inconsistent: the code expects API keys and performs filesystem and network actions (Brave Search API, Telegram send, writing to /root/clawd/obsidian-vault, and git push), but the manifest declares no required credentials or dependencies. Before installing or enabling it, ask the author to: (1) list all required environment variables (BRAVE_API_KEY, Telegram bot token/chat id, any GIT credentials) and explain how credentials are stored; (2) declare the dependency on the local qveris skill and confirm what scripts it will execute; (3) confirm the Obsidian path and GitHub push behavior and why those external writes are necessary; (4) provide an install spec or dependency list (aiohttp, etc.). If you cannot obtain clear answers, run the skill in a sandbox or disable autonomous/cron execution and inspect its network calls (and verify that git pushes and Telegram messages cannot occur without explicit, separate credentials). Additional information (explicit env var list, a readme for qveris dependency, or limiting the skill to return results without auto-push/send) would raise confidence and could reclassify this as benign.
Latest Release
v1.0.4
Fix description: add explicit trigger phrases per Anthropic guidelines
Published by @YonghaoZhao722 on ClawHub