{ "schemaVersion": "1.0", "item": { "slug": "sec-daily-digest", "name": "Security Daily Digest", "source": "tencent", "type": "skill", "category": "数据分析", "sourceUrl": "https://clawhub.ai/zer0yu/sec-daily-digest", "canonicalUrl": "https://clawhub.ai/zer0yu/sec-daily-digest", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/sec-daily-digest", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=sec-daily-digest", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "README.zh-CN.md", "SKILL.md", "package.json", "references/digest-prompt.md", "scripts/sec-digest.ts" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/sec-daily-digest" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/sec-daily-digest", "agentPageUrl": "https://openagent3.xyz/skills/sec-daily-digest/agent", "manifestUrl": "https://openagent3.xyz/skills/sec-daily-digest/agent.json", "briefUrl": "https://openagent3.xyz/skills/sec-daily-digest/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Sec Daily Digest", "body": "Generate a daily cybersecurity digest for researchers from CyberSecurityRSS OPML feeds and Twitter/X security KOL accounts.\nTrigger command: /sec-digest." }, { "title": "When to Use", "body": "The user asks for a daily or latest cybersecurity digest.\nThe user needs balanced AI + security coverage from RSS feeds.\nThe user wants Twitter/X KOL security updates alongside RSS content.\nThe task needs merged vulnerability events (CVE-first + non-CVE clustering).\nThe user requests provider control (openai|gemini|claude|ollama) or --dry-run." }, { "title": "When Not to Use", "body": "The user wants ad-hoc one-off article summaries (use direct summarization instead).\nThe user expects arbitrary output language switching." }, { "title": "Quick Start", "body": "# Basic (RSS only, no AI scoring)\nbun scripts/sec-digest.ts --dry-run --output ./output/digest.md\n\n# With AI scoring + Twitter KOLs\nTWITTERAPI_IO_KEY=your-key bun scripts/sec-digest.ts \\\n --provider claude --opml tiny --hours 48 --output ./output/digest.md\n\n# Weekly mode (168h window)\nbun scripts/sec-digest.ts --mode weekly --provider openai --output ./output/weekly.md\n\n# With email delivery (requires gog)\nbun scripts/sec-digest.ts --provider claude --email me@example.com --output ./output/digest.md\n\n# With full text enrichment\nbun scripts/sec-digest.ts --provider claude --enrich --output ./output/digest.md" }, { "title": "CLI Flags Reference", "body": "FlagDescriptionDefault--provider AI provider: openai|gemini|claude|ollamaopenai--opml OPML profile: tiny|fulltiny--hours Time window in hours48--mode Shortcut: daily=48h, weekly=168h—--top-n Max articles to select20--output Output markdown file path./output/sec-digest-YYYYMMDD.md--dry-runRule-based scoring only (no AI calls)false--no-twitterDisable Twitter/X KOL fetchingfalse--email Send digest via gog to address—--enrichFetch full text for articlesfalse--helpShow help—" }, { "title": "Quick Reference", "body": "Entrypoint: scripts/sec-digest.ts\nPipeline: src/pipeline/run.ts\nConfig root: ~/.sec-daily-digest/\nConfig file: ~/.sec-daily-digest/config.yaml\nSources file: ~/.sec-daily-digest/sources.yaml\nHealth file: ~/.sec-daily-digest/health.json\nArchive dir: ~/.sec-daily-digest/archive/\nOPML cache (tiny): ~/.sec-daily-digest/opml/tiny.opml\nOPML cache (full): ~/.sec-daily-digest/opml/CyberSecurityRSS.opml" }, { "title": "Required Behavior", "body": "Always perform OPML remote update check before feed parsing.\nIf OPML remote check fails, use local cache only when cache exists.\nIf remote check fails and no local cache exists, fail fast (No cached OPML available and remote update check failed.).\nProvider defaults to openai; explicit --provider overrides config.\nRanking uses balanced weights (Security + AI, default 0.5/0.5).\nOutput sections must include AI发展, 安全动态, and 漏洞专报.\noutput_language exists in config, but current implementation outputs fixed bilingual-style markdown; do not assume runtime language switching.\nTwitter KOL section (🔐 Security KOL Updates) appears only when tweets are fetched.\nTwitter fetch is silently skipped (no crash) when no credentials are present." }, { "title": "Twitter/X Configuration", "body": "Twitter KOL accounts are configured in ~/.sec-daily-digest/sources.yaml (auto-created on first run with 15 default security researchers)." }, { "title": "Default KOL List", "body": "Taviso, GossiTheDog, SwiftOnSecurity, MalwareTechBlog, briankrebs, JohnLaTwC, and 9 others." }, { "title": "sources.yaml Format", "body": "sources:\n - id: taviso\n type: twitter\n name: \"Tavis Ormandy / Google Project Zero\"\n handle: taviso\n enabled: true\n priority: true\n topics:\n - security\n\n # Disable a default source:\n - id: thegrugq\n enabled: false\n\n # Add a new custom source:\n - id: myresearcher\n type: twitter\n name: \"My Researcher\"\n handle: myresearcher\n enabled: true\n priority: false\n topics:\n - security" }, { "title": "Backend Selection", "body": "Env Var SetBackend UsedTWITTERAPI_IO_KEYtwitterapi.io (preferred, 5 QPS)X_BEARER_TOKEN onlyOfficial Twitter API v2 (5 concurrent)Bothtwitterapi.ioNeitherTwitter disabled (silent)TWITTER_API_BACKEND=officialForce official API" }, { "title": "Archive (Historical Dedup)", "body": "Articles seen in the past 7 days receive a −5 score penalty (not removed, just deprioritized). Archive files are stored in ~/.sec-daily-digest/archive/YYYY-MM-DD.json and automatically cleaned after 90 days." }, { "title": "Source Health Monitoring", "body": "Each run records fetch success/failure for every source. Sources failing >50% of checks (with ≥2 checks) appear in a ⚠️ Source Health Warnings section at the bottom of the digest. Health data lives in ~/.sec-daily-digest/health.json." }, { "title": "Email Delivery (gog)", "body": "The --email flag sends the digest via gogcli:\n\n# Install (macOS)\nbrew install steipete/tap/gogcli\ngog auth login # one-time OAuth setup\n\n# Send digest\nbun scripts/sec-digest.ts --provider claude \\\n --email me@example.com --output /tmp/digest.md\n\nLog output:\n\n[sec-digest] email=sent to me@example.com\n# or\n[sec-digest] email=failed: gog not found in PATH. Install: ..." }, { "title": "Full Text Enrichment", "body": "--enrich fetches article full text before AI scoring (improves classification and summarization quality). Skips paywalled/social domains (Twitter, Reddit, GitHub, YouTube, NYT, Bloomberg, WSJ, FT)." }, { "title": "cron Integration", "body": "# Daily at 07:00\n0 7 * * * cd /path/to/sec-daily-digest && \\\n bun scripts/sec-digest.ts --mode daily --output ~/digests/sec-$(date +\\%Y\\%m\\%d).md \\\n 2>&1 | tee -a ~/.sec-daily-digest/cron.log\n\n# Weekly on Monday at 08:00\n0 8 * * 1 cd /path/to/sec-daily-digest && \\\n bun scripts/sec-digest.ts --mode weekly --output ~/digests/weekly-$(date +\\%Y\\%m\\%d).md \\\n 2>&1 | tee -a ~/.sec-daily-digest/cron.log" }, { "title": "Common Mistakes", "body": "Missing API key for selected provider (OPENAI_API_KEY is required, GEMINI_API_KEY is required, ANTHROPIC_API_KEY is required).\nMisreading fallback behavior: OPML fallback is cache-dependent, not unconditional.\nForgetting --dry-run when no provider credentials are available.\nExpecting Twitter KOLs without setting TWITTERAPI_IO_KEY or X_BEARER_TOKEN." }, { "title": "Success Signals", "body": "Logs include [sec-digest] provider=..., [sec-digest] cache_fallback=true|false, [sec-digest] output=..., and [sec-digest] stats feeds=... articles=... recent=... selected=... vuln_events=... twitter_kols=....\nOutput markdown contains the three required sections and vulnerability references.\n~/.sec-daily-digest/archive/YYYY-MM-DD.json is written after each run.\n~/.sec-daily-digest/health.json is updated after each run." }, { "title": "More Detail", "body": "For full installation and extended usage notes, see README.md and README.zh-CN.md." } ], "body": "Sec Daily Digest\n\nGenerate a daily cybersecurity digest for researchers from CyberSecurityRSS OPML feeds and Twitter/X security KOL accounts. Trigger command: /sec-digest.\n\nWhen to Use\nThe user asks for a daily or latest cybersecurity digest.\nThe user needs balanced AI + security coverage from RSS feeds.\nThe user wants Twitter/X KOL security updates alongside RSS content.\nThe task needs merged vulnerability events (CVE-first + non-CVE clustering).\nThe user requests provider control (openai|gemini|claude|ollama) or --dry-run.\nWhen Not to Use\nThe user wants ad-hoc one-off article summaries (use direct summarization instead).\nThe user expects arbitrary output language switching.\nQuick Start\n# Basic (RSS only, no AI scoring)\nbun scripts/sec-digest.ts --dry-run --output ./output/digest.md\n\n# With AI scoring + Twitter KOLs\nTWITTERAPI_IO_KEY=your-key bun scripts/sec-digest.ts \\\n --provider claude --opml tiny --hours 48 --output ./output/digest.md\n\n# Weekly mode (168h window)\nbun scripts/sec-digest.ts --mode weekly --provider openai --output ./output/weekly.md\n\n# With email delivery (requires gog)\nbun scripts/sec-digest.ts --provider claude --email me@example.com --output ./output/digest.md\n\n# With full text enrichment\nbun scripts/sec-digest.ts --provider claude --enrich --output ./output/digest.md\n\nCLI Flags Reference\nFlag\tDescription\tDefault\n--provider \tAI provider: openai|gemini|claude|ollama\topenai\n--opml \tOPML profile: tiny|full\ttiny\n--hours \tTime window in hours\t48\n--mode \tShortcut: daily=48h, weekly=168h\t—\n--top-n \tMax articles to select\t20\n--output \tOutput markdown file path\t./output/sec-digest-YYYYMMDD.md\n--dry-run\tRule-based scoring only (no AI calls)\tfalse\n--no-twitter\tDisable Twitter/X KOL fetching\tfalse\n--email \tSend digest via gog to address\t—\n--enrich\tFetch full text for articles\tfalse\n--help\tShow help\t—\nQuick Reference\nEntrypoint: scripts/sec-digest.ts\nPipeline: src/pipeline/run.ts\nConfig root: ~/.sec-daily-digest/\nConfig file: ~/.sec-daily-digest/config.yaml\nSources file: ~/.sec-daily-digest/sources.yaml\nHealth file: ~/.sec-daily-digest/health.json\nArchive dir: ~/.sec-daily-digest/archive/\nOPML cache (tiny): ~/.sec-daily-digest/opml/tiny.opml\nOPML cache (full): ~/.sec-daily-digest/opml/CyberSecurityRSS.opml\nRequired Behavior\nAlways perform OPML remote update check before feed parsing.\nIf OPML remote check fails, use local cache only when cache exists.\nIf remote check fails and no local cache exists, fail fast (No cached OPML available and remote update check failed.).\nProvider defaults to openai; explicit --provider overrides config.\nRanking uses balanced weights (Security + AI, default 0.5/0.5).\nOutput sections must include AI发展, 安全动态, and 漏洞专报.\noutput_language exists in config, but current implementation outputs fixed bilingual-style markdown; do not assume runtime language switching.\nTwitter KOL section (🔐 Security KOL Updates) appears only when tweets are fetched.\nTwitter fetch is silently skipped (no crash) when no credentials are present.\nTwitter/X Configuration\n\nTwitter KOL accounts are configured in ~/.sec-daily-digest/sources.yaml (auto-created on first run with 15 default security researchers).\n\nDefault KOL List\n\nTaviso, GossiTheDog, SwiftOnSecurity, MalwareTechBlog, briankrebs, JohnLaTwC, and 9 others.\n\nsources.yaml Format\nsources:\n - id: taviso\n type: twitter\n name: \"Tavis Ormandy / Google Project Zero\"\n handle: taviso\n enabled: true\n priority: true\n topics:\n - security\n\n # Disable a default source:\n - id: thegrugq\n enabled: false\n\n # Add a new custom source:\n - id: myresearcher\n type: twitter\n name: \"My Researcher\"\n handle: myresearcher\n enabled: true\n priority: false\n topics:\n - security\n\nBackend Selection\nEnv Var Set\tBackend Used\nTWITTERAPI_IO_KEY\ttwitterapi.io (preferred, 5 QPS)\nX_BEARER_TOKEN only\tOfficial Twitter API v2 (5 concurrent)\nBoth\ttwitterapi.io\nNeither\tTwitter disabled (silent)\nTWITTER_API_BACKEND=official\tForce official API\nArchive (Historical Dedup)\n\nArticles seen in the past 7 days receive a −5 score penalty (not removed, just deprioritized). Archive files are stored in ~/.sec-daily-digest/archive/YYYY-MM-DD.json and automatically cleaned after 90 days.\n\nSource Health Monitoring\n\nEach run records fetch success/failure for every source. Sources failing >50% of checks (with ≥2 checks) appear in a ⚠️ Source Health Warnings section at the bottom of the digest. Health data lives in ~/.sec-daily-digest/health.json.\n\nEmail Delivery (gog)\n\nThe --email flag sends the digest via gogcli:\n\n# Install (macOS)\nbrew install steipete/tap/gogcli\ngog auth login # one-time OAuth setup\n\n# Send digest\nbun scripts/sec-digest.ts --provider claude \\\n --email me@example.com --output /tmp/digest.md\n\n\nLog output:\n\n[sec-digest] email=sent to me@example.com\n# or\n[sec-digest] email=failed: gog not found in PATH. Install: ...\n\nFull Text Enrichment\n\n--enrich fetches article full text before AI scoring (improves classification and summarization quality). Skips paywalled/social domains (Twitter, Reddit, GitHub, YouTube, NYT, Bloomberg, WSJ, FT).\n\ncron Integration\n# Daily at 07:00\n0 7 * * * cd /path/to/sec-daily-digest && \\\n bun scripts/sec-digest.ts --mode daily --output ~/digests/sec-$(date +\\%Y\\%m\\%d).md \\\n 2>&1 | tee -a ~/.sec-daily-digest/cron.log\n\n# Weekly on Monday at 08:00\n0 8 * * 1 cd /path/to/sec-daily-digest && \\\n bun scripts/sec-digest.ts --mode weekly --output ~/digests/weekly-$(date +\\%Y\\%m\\%d).md \\\n 2>&1 | tee -a ~/.sec-daily-digest/cron.log\n\nCommon Mistakes\nMissing API key for selected provider (OPENAI_API_KEY is required, GEMINI_API_KEY is required, ANTHROPIC_API_KEY is required).\nMisreading fallback behavior: OPML fallback is cache-dependent, not unconditional.\nForgetting --dry-run when no provider credentials are available.\nExpecting Twitter KOLs without setting TWITTERAPI_IO_KEY or X_BEARER_TOKEN.\nSuccess Signals\nLogs include [sec-digest] provider=..., [sec-digest] cache_fallback=true|false, [sec-digest] output=..., and [sec-digest] stats feeds=... articles=... recent=... selected=... vuln_events=... twitter_kols=....\nOutput markdown contains the three required sections and vulnerability references.\n~/.sec-daily-digest/archive/YYYY-MM-DD.json is written after each run.\n~/.sec-daily-digest/health.json is updated after each run.\nMore Detail\n\nFor full installation and extended usage notes, see README.md and README.zh-CN.md." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/zer0yu/sec-daily-digest", "publisherUrl": "https://clawhub.ai/zer0yu/sec-daily-digest", "owner": "zer0yu", "version": "0.2.1", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/sec-daily-digest", "downloadUrl": "https://openagent3.xyz/downloads/sec-daily-digest", "agentUrl": "https://openagent3.xyz/skills/sec-daily-digest/agent", "manifestUrl": "https://openagent3.xyz/skills/sec-daily-digest/agent.json", "briefUrl": "https://openagent3.xyz/skills/sec-daily-digest/agent.md" } }