Publish-Mate

Fetch global news from RSS/API sources, auto-generate articles with images, and publish to WordPress or custom CMS platforms

What to check before installing: - Credential handling: The skill needs a WordPress Application Password (WP_APP_PASSWORD). Confirm that the registry entry matches SKILL.md (SKILL.md marks WP_APP_PASSWORD as primaryEnv but the registry omitted it). Only provide an application password with narrowly scoped rights and consider creating a dedicated low-privilege account for publishing. - Trust news/image sources: The skill will fetch arbitrary URLs from configured feeds and custom APIs and will follow links to fetch full article HTML and images. Only configure trusted feeds/APIs — a malicious feed could point at internal services (localhost, 169.254.*, internal IPs) and cause your agent to make unauthorized requests (SSRF-like behavior). - Storage of secrets: The README/SKILL.md suggests storing WP_APP_PASSWORD in OpenClaw settings. Understand the security of that storage location (~/.openclaw/openclaw.json) and who can read it on your machine. If you must, run the skill in a restricted account or isolated environment. - Review 'uv' install step: The manifest lists an install step using 'uv' to install certifi. Verify what 'uv' means in your OpenClaw environment and that it pulls packages from a trusted source before running install. - Run offline/test first: Use the preview/dry-run commands and start with a safe config (small max, preview mode, no publish, no custom sources) to observe behavior. Inspect logs under the skill's logs/ directory. - Network isolation if needed: If you are concerned about SSRF or accidental requests to internal services, run the skill in an environment with restricted outbound access or explicitly whitelist the domains you trust. If you want, I can: (a) point out the exact lines where the skill reads environment variables and performs outbound requests, (b) draft a minimal config that limits risk for initial testing, or (c) suggest CLI flags/config changes to make fetching safer (e.g., disable fetch_full_article, restrict allowed hostnames).

Type: OpenClaw Skill Name: publish-mate Version: 1.0.0 The skill provides automated news aggregation and WordPress publishing capabilities, but contains a significant security vulnerability in 'scripts/auto_publish.py' where SSL certificate verification is explicitly disabled (ssl.CERT_NONE) during image uploads. Additionally, 'scripts/fetch_news.py' performs unvalidated web scraping on URLs retrieved from external RSS feeds, which could be leveraged for Server-Side Request Forgery (SSRF) if a source is compromised. While the code appears to follow its stated purpose without clear malicious intent, these intentional security bypasses and lack of input validation pose a risk to the user's credentials and local network.