SkillMetricScraper

OpenClaw Skills Weekly — tracks trending ClawHub skills, generates GitHubAwesome-style YouTube video scripts with two-track ranking (Movers + Rockets).

This skill appears to implement the described ClawHub snapshot → rank → harvest → script pipeline, but there are several mismatches and implicit behaviors you should review before installing: 1) Check requirements.txt and inspect third-party packages before running pip install; run installs in an isolated environment (virtualenv/container). 2) The project_tracker uses the 'gh' CLI (subprocess.run) and will use whatever GitHub credentials the host's gh CLI provides — if you don't want the skill to access your GitHub account, avoid installing or run with --skip-meta / remove project_tracker. 3) If you care about limiting network exposure, run with flags to skip X/Twitter and GitHub capture (e.g., --skip-x, --snapshot-only) and test in --mock mode first. 4) Only provide ANTHROPIC_API_KEY (and any other API keys) with least privilege and consider using ephemeral/test keys. 5) Review where the DB and output files are written (default: ~/.local/share/skills-weekly or container workspace) and ensure that path is acceptable. If you need this skill, prefer running it in a dedicated container or VM and inspect/lock down any CLI tools (gh) or credentials on the host.

Type: OpenClaw Skill Name: skillmetricscraper Version: 1.3.0 The skill is classified as suspicious due to a shell injection vulnerability in the main `SKILL.md` file. The instruction `python3 run_weekly.py --top 10 --episode ${EPISODE_NUM:-1}` directly substitutes the `${EPISODE_NUM}` variable with user input. If the OpenClaw agent does not sanitize this input, a malicious user could inject arbitrary shell commands (e.g., `1; rm -rf /`), leading to Remote Code Execution (RCE). While the Python code itself appears to align with its stated purpose of tracking skill metrics and community signals, this vulnerability in the agent's execution instructions poses a significant risk.