Research-engine

Name and SKILL.md describe a research engine that collects web/GitHub/Moltbook data and writes reports. The included Python implements that functionality (search, analysis, report writing). However the code imports external modules (tools.web_fetch / tools.web_search and moltbook_skill.get_feed) that are not declared in package.json or requires.env, which is an inconsistency: the skill will fail or implicitly rely on other skills/modules being present.

SKILL.md explicitly advocates proactive/autonomous behavior (e.g., '主动搜索 - 不等待指令', hourly heartbeat integration, run every 3 hours). That grants broad discretion to perform network searches periodically. The runtime instructions and code also read/write files under a user workspace (/home/vken/.openclaw/workspace/research). The combination of autonomous network activity + periodic integration is a scope expansion that users should consent to.

No install spec — instruction-only with an included Python file. Low install risk: nothing is downloaded or extracted at install time.

The skill requests no environment variables or credentials. It uses a default RESEARCH_DIR path (/home/vken/.openclaw/workspace/research) and creates files there; this is reasonable for a reporting tool but the hardcoded path may not match every user. It also relies on external modules (tools, moltbook_skill) rather than declared credentials or packages; the lack of declared dependencies or environment requirements is disproportionate to its runtime imports and network activity because those imports imply external capabilities or permissions.

always is false and the skill does not modify other skills or global settings. However SKILL.md instructs integration into agent heartbeats (hourly/daily/3-hour hooks). While the skill itself doesn't set always:true or persistently enable itself, the intended integration would give it recurring autonomous invocation if the agent owner wires it into those heartbeats — users should be aware before enabling that behavior.