Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

LifeLog

v1.2.4

Life-logging automation system. It automatically recognizes the date referenced in a message (today / yesterday / the day before yesterday / a specific date), uses a SubAgent to make the judgment, and records the entry under the matching date in Notion; every write is an **append**, never an overwrite. Intended for: (1) automatically recording the small moments of daily life as the user shares them; (2) scheduled automatic summarization and analysis that fills in the mood, event, location and people fields.

0 · 626 · 0 current · 0 all-time
by Cui Ruochen (@421zuoduan)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (log life events to Notion) matches the included scripts which call the Notion API. However the registry metadata at the top of the package lists no required environment variables while SKILL.md and the scripts clearly require NOTION_KEY and NOTION_DATABASE_ID — an inconsistency in the manifest. The Notion credential requirement itself is proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to run the provided shell scripts which: (a) send user message content to Notion (expected), (b) may call a local OpenClaw subagent endpoint (http://localhost:421/api/sessions) with the raw message to decide dates (this will transmit message content to whatever the local subagent does), and (c) read a spec file at /root/.openclaw/workspace/docs/lifelog-spec.md if present. The subagent call is present in the code (decide_date_with_subagent) albeit not used by default; it would send entire message text to the local OpenClaw runtime and so could result in the message being forwarded to remote models depending on local configuration. Reading /root/.openclaw/... expands scope to agent workspace files which may hold sensitive data. SKILL.md's cron examples and use of openclaw cron are expected for scheduled operation but will create persistent scheduled execution if the user enables them.
Install Mechanism
There is no automated install spec (no external downloads or package installs). All code is present as shell scripts in the repo. This is lower risk than a download+execute installer, but it means the provided scripts will run locally and should be reviewed.
Credentials
The only required secrets in SKILL.md and the scripts are Notion credentials (NOTION_KEY and NOTION_DATABASE_ID), which are appropriate for a Notion-integrating logger. Caveats: some scripts contain placeholder configuration sections where users might be instructed to hardcode secrets (lifelog-daily-summary-v5.sh and lifelog-update.sh show NOTION_KEY/DATABASE_ID placeholders). Hardcoding keys into scripts is insecure — environment variables are safer. Also the registry metadata's omission of required env vars is inconsistent and could mislead users or automated permission checks.
Persistence & Privilege
The skill is not forced-always, does not request system-wide privileges, and does not modify other skills. The only persistence implied is optional scheduling via openclaw cron, which is user-controlled. The scripts do read an agent workspace path but do not attempt to modify other skills or system-wide agent configuration.
What to consider before installing
This skill appears to do what it says (append life messages to a Notion DB) but you should review and decide before installing:

1) Manifest mismatch: the repository metadata omitted environment requirements while SKILL.md and scripts require NOTION_KEY and NOTION_DATABASE_ID — expect to supply Notion credentials.

2) Inspect scripts before running: they call the Notion API and may read /root/.openclaw/workspace/docs/lifelog-spec.md (a local agent workspace path). If that file exists it could reveal workspace-specific content — ensure it doesn't contain sensitive data.

3) SubAgent/local agent call: lifelog-append.sh contains code to POST message text to http://localhost:421/api/sessions (OpenClaw subagent). If you enable that path, your message text will be sent to your local OpenClaw runtime (which in turn may call remote models depending on its configuration). Only enable this if you trust your local agent environment.

4) Do not hardcode secrets into scripts: prefer exporting NOTION_KEY and NOTION_DATABASE_ID as environment variables rather than editing scripts' placeholder fields.

5) If privacy is a concern, run the scripts in an isolated session, review/modify them to remove unused remote/local calls, and verify that scheduled cron jobs are only created intentionally.

If you want, provide the exact lines you plan to run and I can walk through potential data flows step-by-step.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9770vwq1s6hy3j3qrgjxg9z1x83hk84

