daily-hot-news

Warn

Audited by Snyk on Feb 16, 2026

Risk Level: MEDIUM

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's api_client fetches live hot-list data from public third-party platforms via the DailyHotApi endpoints (e.g., weibo, zhihu, bilibili, douyin, 36kr), and modules such as news_digest.py, cross_platform.py, sentiment_monitor.py and personalized.py directly read and interpret that untrusted, user-generated content as part of their workflows, exposing the agent to potential indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill's deploy_daily_hot_api() function can run at runtime; it git-clones https://github.com/imsyy/DailyHotApi.git and executes its deploy.sh, which in turn fetches and runs remote code to provide the skill's backend. This is a runtime fetch that executes remote code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 01:23 AM