← 返回 Skills 市场
News Aggregator Skill
作者
tonyliu9189
· GitHub ↗
· v0.1.0
3992
总下载
5
收藏
11
当前安装
1
版本数
在 OpenClaw 中安装
/install news-aggregator-skill-2
功能描述
Comprehensive news aggregator that fetches, filters, and deeply analyzes real-time content from 8 major sources: Hacker News, GitHub Trending, Product Hunt, 36Kr, Tencent News, WallStreetCN, V2EX, and Weibo. Best for 'daily scans', 'tech news briefings', 'finance updates', and 'deep interpretations' of hot topics.
安全使用建议
This skill's instructions assume there is a local script (scripts/fetch_news.py) and template files, but the package contains only SKILL.md — nothing to run. Before installing or invoking it, consider: 1) Ask the publisher for the missing scripts and templates or for a trusted source/repository URL so you can review the code. 2) If you must run it, run in a sandboxed environment (network- and filesystem-restricted) so the agent cannot fetch arbitrary code or read unrelated files. 3) Review any scripts (fetch_news.py, templates.md) yourself for scraping behavior, third-party libraries, and any places that might exfiltrate data. 4) Be aware it will download and extract article content (--deep) and save reports to disk; ensure you are comfortable with storing potentially copyrighted or sensitive content. 5) If you cannot obtain or inspect the missing files, do not enable the skill — the mismatch between description and required runtime files is a legitimate red flag.
功能分析
Type: OpenClaw Skill
Name: news-aggregator-skill-2
Version: 0.1.0
The skill is classified as suspicious due to several risky capabilities, even though they are presented as part of the skill's stated purpose. The `SKILL.md` instructs the agent to perform 'deep fetching' using `python3 scripts/fetch_news.py --deep`, which involves downloading and extracting content from external, potentially untrusted, news sources. This introduces a significant attack surface for supply chain risks or vulnerabilities in content parsing. Additionally, the agent is instructed to read local files (`templates.md`) and write reports to the local filesystem (`reports/`), demonstrating file system interaction capabilities. While the prompt injection instruction for keyword expansion is for a functional purpose, the combination of network access to arbitrary external content and file system interactions, without the full script for review, elevates the risk profile beyond benign.
能力评估
Purpose & Capability
The declared purpose (aggregating and deeply analyzing multiple news sources) is plausible, but the SKILL.md expects a local script (scripts/fetch_news.py) and template files that are not present in the bundle. That mismatch means the skill as-published cannot operate without additional code or environment-provided tools.
Instruction Scope
Instructions direct the agent to run a local Python scraper, perform a broad 'deep' fetch that downloads and extracts article content, read templates.md from the skill directory, and write timestamped reports to reports/. Because no code or templates are included, the agent may attempt to locate or fetch missing files or run arbitrary local commands — giving it broad filesystem and network actions beyond the stated passive-aggregation description.
Install Mechanism
There is no install spec (instruction-only). That reduces installer risk because nothing is automatically downloaded or written by an installer. However, runtime commands still expect external scripts to exist.
Credentials
The skill requests no environment variables, credentials, or config paths — which is proportionate for a read-only aggregator. Notably, it plans to fetch content from third-party sites without asking for credentials.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does instruct saving reports to a reports/ directory (writing files), which is a modest persistence requirement but not an elevated platform privilege. Still, writing content fetched from arbitrary URLs can consume storage and persist potentially sensitive material.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install news-aggregator-skill-2 - 安装完成后,直接呼叫该 Skill 的名称或使用
/news-aggregator-skill-2触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of News Aggregator Skill.
- Fetches and deeply analyzes real-time news from 8 major sources (Hacker News, GitHub Trending, Product Hunt, 36Kr, Tencent News, WallStreetCN, V2EX, Weibo).
- Supports both broad "Global Scan" and targeted keyword searches with automatic keyword expansion for domain coverage.
- Adds deep fetching mode (`--deep`) to extract and include full article content.
- Implements smart time filtering and annotated "smart fill" for sparse results, ensuring rich reports.
- Provides interactive menu/help system triggered by specific user commands.
- Generates concise, structured magazine-style reports in Chinese, saving each session's report to the `reports/` directory.
元数据
常见问题
News Aggregator Skill 是什么?
Comprehensive news aggregator that fetches, filters, and deeply analyzes real-time content from 8 major sources: Hacker News, GitHub Trending, Product Hunt, 36Kr, Tencent News, WallStreetCN, V2EX, and Weibo. Best for 'daily scans', 'tech news briefings', 'finance updates', and 'deep interpretations' of hot topics. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 3992 次。
如何安装 News Aggregator Skill?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install news-aggregator-skill-2」即可一键安装,无需额外配置。
News Aggregator Skill 是免费的吗?
是的,News Aggregator Skill 完全免费(开源免费),可自由下载、安装和使用。
News Aggregator Skill 支持哪些平台?
News Aggregator Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 News Aggregator Skill?
由 tonyliu9189(@tonyliu9189)开发并维护,当前版本 v0.1.0。
推荐 Skills