OpenClaw Skill Plaud Note Taking
PassAudited by VirusTotal on May 13, 2026.
Overview
Type: OpenClaw Skill Name: plaud Version: 0.1.4 The skill provides a legitimate integration for Plaud AI recordings, allowing an agent to list, summarize, and export transcripts via MCP tools and the Plaud CLI. The included Node.js script (`scripts/plaud-export.js`) uses safe subprocess execution (`spawnSync` with argument arrays) to prevent shell injection, and the `SKILL.md` instructions include explicit privacy safeguards and user-approval requirements for external actions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can run the Plaud CLI for exports and create transcript/summary files on the local machine.
The helper executes the local Plaud CLI to fetch metadata, summaries, and transcripts. This is central to the export purpose and does not use a shell string, but it is still local command execution.
const result = spawnSync('plaud', args, { encoding: 'utf8' });Use CLI/export actions only when you intend to export a recording, keep the Plaud CLI installation trusted, and choose normal scoped output folders.
Authenticated Plaud tools can list and read your Plaud recordings, summaries, notes, and transcripts.
The skill uses delegated Plaud account authentication to access recordings. This is expected for the integration and is disclosed, but it gives the agent access to private account data.
If unauthenticated: 1. Run `plaud__login` for MCP auth. 2. If CLI auth is needed, run `plaud login`.
Authenticate only the intended Plaud account, ask for specific recordings or date ranges when possible, and log out or revoke access if you no longer use the skill.
Future versions of the external Plaud packages may behave differently from the version reviewed here.
The setup documentation pulls external Plaud MCP/CLI packages using @latest. This is user-directed and purpose-aligned, but unpinned external packages can change over time.
openclaw mcp set plaud '{"command":"npx","args":["-y","@plaud-ai/mcp@latest"]}' ... npm install -g @plaud-ai/cli@latestInstall Plaud MCP/CLI only from trusted sources, consider pinning known-good versions, and inspect package provenance before authenticating.
Anyone who is allowed to use the configured Telegram bot command could potentially request Plaud recording information through that channel.
The skill can expose Plaud transcript and summary workflows through a Telegram bot command. This is disclosed and purpose-aligned, but private recording content may be returned over that channel.
This skill supports a single Telegram command shape ... `/plaud transcript [target]`: fetch transcript or explain if unavailable
Restrict Telegram bot access to trusted users/chats and avoid enabling this command in shared groups unless that is intended.