openclaw-rss-feedsRSS/Atom feed digest with optional CVE enrichment, Ghost CMS drafts, and channel notifications
Install via ClawdBot CLI:
clawdbot install homeofe/openclaw-rss-feedsOpenClaw plugin for RSS and Atom security digests with optional NVD CVE enrichment, Ghost CMS draft publishing, and channel notifications.
npm install @elvatis_com/openclaw-rss-feedsThen enable the plugin in your OpenClaw plugin config.
The plugin schema is defined in openclaw.plugin.json.
Example with all supported options:
{
"plugins": {
"openclaw-rss-feeds": {
"feeds": [
{
"id": "fortinet",
"name": "Fortinet PSIRT",
"url": "https://www.fortiguard.com/rss/ir.xml",
"keywords": ["fortinet", "fortigate", "fortios"],
"enrichCve": true,
"cvssThreshold": 7,
"tags": ["fortinet", "security", "digest"],
"docsUrlTemplate": "https://docs.fortinet.com/product/{product}/{version}/release-notes",
"productHighlightPattern": "Forti(?:Gate|OS|Analyzer|Manager|Client|Proxy)"
},
{
"id": "m365",
"name": "Microsoft 365 Message Center",
"url": "https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=&rss=1",
"keywords": ["security", "vulnerability", "defender"],
"enrichCve": true,
"cvssThreshold": 6.5,
"tags": ["microsoft-365", "security"]
},
{
"id": "bsi",
"name": "BSI CERT-Bund",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?rss",
"keywords": ["kritisch", "critical", "cve"],
"enrichCve": false,
"tags": ["bsi", "cert-bund"]
},
{
"id": "heise-security",
"name": "Heise Security",
"url": "https://www.heise.de/security/rss/news-atom.xml",
"keywords": ["cve", "security", "ransomware"],
"enrichCve": false,
"tags": ["heise", "security-news"]
}
],
"schedule": "0 9 1 * *",
"lookbackDays": 31,
"ghost": {
"url": "https://blog.example.com",
"adminKey": "<ghost-admin-key-id>:<ghost-admin-key-secret-hex>"
},
"notify": [
"whatsapp:<phone>",
"telegram:123456789"
],
"nvdApiKey": "<nvd-api-key-optional>"
}
}
}If schedule is set, the plugin registers a scheduler and runs automatically.
Example:
0 9 1 runs at 09:00 on day 1 of every month0 8 1 runs every Monday at 08:00You can trigger digest generation manually with the registered tool:
rss_run_digestdryRun: truedryRun fetches and formats the digest but skips Ghost publishing and notifications.
If a feed has enrichCve: true, the plugin calls the NVD CVE API and enriches the digest with:
cvssThreshold)Notes:
keywordsIf ghost is configured, the digest is published as a draft post through the Ghost Admin API.
Implementation details:
adminKey (id:secret format)/ghost/api/admin/posts/?source=htmltagsIf Ghost fails, digest generation still succeeds and the error is reported in result metadata and optional notifications.
If notify contains targets (format channel:target), a summary notification is sent after the run.
Example targets:
whatsapp:telegram:123456789discord:#securitynpm install
npx tsc --noEmit
npm test
npm run buildMIT
Generated Mar 1, 2026
A security operations center (SOC) uses this plugin to automatically aggregate RSS feeds from vendors like Fortinet and Microsoft, enriching CVEs with NVD data to prioritize vulnerabilities above a CVSS threshold. The digest is published as a Ghost CMS draft for internal review and notifications are sent via WhatsApp or Telegram to alert team leads. This streamlines weekly or monthly threat briefings without manual data collection.
A government agency, such as BSI CERT-Bund, configures the plugin to monitor security advisories from multiple sources, filtering for critical keywords like 'kritisch' or 'CVE'. It runs on a scheduled basis to generate compliance reports, with digests saved as Ghost drafts for audit trails and notifications sent to compliance officers via secure channels. This ensures timely awareness of regulatory updates and vulnerabilities.
An MSSP sets up the plugin for multiple client feeds, using keywords and CVE enrichment to customize digests per client based on their infrastructure (e.g., Fortinet devices). Digests are automatically created as Ghost drafts for client portals, and summary notifications are pushed to Discord channels for each client's security team. This automates recurring reporting and enhances client engagement.
A university research team uses the plugin to aggregate feeds from sources like Heise Security, enabling CVE enrichment to analyze vulnerability trends over time. The digest is published as a Ghost draft for collaborative editing and sharing within the research group, with notifications sent to team members via Telegram for new findings. This supports data-driven studies without manual feed parsing.
A software development company configures the plugin to monitor RSS feeds for security updates related to their tech stack, such as Microsoft 365 or open-source tools. CVE enrichment filters high-severity issues, and digests are published as Ghost drafts for developer review, with WhatsApp notifications to engineering leads. This integrates security awareness into the development lifecycle proactively.
Offer this plugin as part of a cloud service where organizations pay a monthly fee for automated RSS digest generation, CVE enrichment, and notifications. Revenue comes from tiered subscriptions based on the number of feeds, users, or advanced features like custom integrations. This model targets small to medium-sized businesses lacking in-house development resources.
Provide consulting services to help enterprises install, configure, and customize the plugin for their specific needs, such as integrating with existing Ghost CMS instances or adding new notification channels. Revenue is generated through project-based fees or ongoing support contracts. This model appeals to large organizations with complex security workflows.
Distribute the plugin as open-source with basic functionality free to use, while charging for premium features like advanced CVE enrichment, higher rate limits, or exclusive notification channels. Revenue streams include one-time purchases for add-ons or enterprise licenses. This model attracts a broad user base while monetizing advanced capabilities.
💬 Integration Tip
Ensure your Ghost CMS instance is properly configured with an admin API key in the correct format, and test notifications with a dry run before full deployment to avoid disruptions.
Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autonomous Crons, and battle-tested patterns. Part of the Hal Stack 🦞
Use the ClawdHub CLI to search, install, update, and publish agent skills from clawdhub.com. Use when you need to fetch new skills on the fly, sync installed skills to latest or a specific version, or publish new/updated skill folders with the npm-installed clawdhub CLI.
Clawdbot documentation expert with decision tree navigation, search scripts, doc fetching, version tracking, and config snippets for all Clawdbot features
Interact with Moltbook social network for AI agents. Post, reply, browse, and analyze engagement. Use when the user wants to engage with Moltbook, check their feed, reply to posts, or track their activity on the agent social network.
OpenClaw CLI wrapper — gateway, channels, models, agents, nodes, browser, memory, security, automation.
MoltGuard — runtime security plugin for OpenClaw agents by OpenGuardrails. Helps users install, register, activate, and check the status of MoltGuard. Use wh...