openclaw-rss-feeds

What This Skill Does

The openclaw-rss-feeds plugin is a powerful automation tool designed to aggregate security advisories, vulnerability disclosures, and technical news into a curated digest. It bridges the gap between raw RSS/Atom feeds and professional reporting by optionally integrating with the National Vulnerability Database (NVD) for CVE enrichment. Users can configure specific feeds, apply keyword filters, and define CVSS threshold limits to ensure only critical information reaches their workflows. Beyond aggregation, it supports automated drafting for Ghost CMS and real-time alerts via messaging platforms like WhatsApp and Telegram, making it an essential utility for security teams, sysadmins, and technical researchers.

Installation

To integrate this skill into your OpenClaw environment, execute the following command in your terminal:

clawhub install openclaw/skills/skills/homeofe/openclaw-rss-feeds

After the installation finishes, you must add the plugin configuration object to your openclaw.plugin.json file. Ensure you provide valid credentials for your Ghost CMS instance and, if required, an NVD API key to enable high-frequency CVE enrichment without hitting rate limits.

Use Cases

• Automated Security Reports: Generate monthly or weekly summaries of security patches for specific vendors (e.g., Microsoft or Fortinet) to keep your team informed.
• Vulnerability Tracking: Monitor public feeds for vulnerabilities exceeding a specific CVSS score, ensuring that critical bugs are flagged immediately in your communication channels.
• Content Curation: Automatically draft blog posts on a Ghost CMS site based on aggregated news, saving hours of manual data collection and formatting.
• Centralized Monitoring: Consolidate disparate RSS sources into a single, unified stream that filters out noise using custom keyword pattern matching.

Example Prompts

1. "Run the rss_run_digest tool now and send the output to my Telegram channel to ensure I didn't miss any critical patches today."
2. "Perform a dryRun of the rss_run_digest to check if the current configuration correctly picks up the latest Fortinet advisories."
3. "Trigger the digest generation and create a draft in Ghost for all entries matching the 'security' keyword found in the last 7 days."

Tips & Limitations

• CVE Enrichment: Always provide an NVD API key if you plan to monitor many feeds, as public rate limits can cause failures in data enrichment.
• Thresholding: Use the cvssThreshold setting carefully; setting it too high might cause you to miss low-severity disclosures that could be relevant to your specific infrastructure.
• Dry Runs: Always perform a dryRun: true when testing new feed configurations or regex patterns to ensure the output format matches your expectations before enabling automated publishing or notifications.
• Performance: The plugin processes feeds sequentially; if you have a high number of long-running feeds, ensure your cron schedule is set to allow sufficient execution time.