ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Algernon Feynman

v1.0.0

Feynman Technique study session for OpenAlgernon. Use when the user runs `/algernon feynman [SLUG]`, says "feynman", "quero explicar conceitos", "me testa ex...

0· 126·0 current·0 all-time
byAntonio V. Franco@antoniovfranco
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md behavior (select cards from a local SQLite DB, run sessions, save session memory, optionally call a Notion CLI) fits the described Feynman-session purpose — reading a study DB and saving session notes is expected. However, the registry metadata declares no required binaries, env vars, or config paths while the instructions assume sqlite3, ALGERNON_HOME (~/.openalgernon), DB at ${ALGERNON_HOME}/data/study.db, and an optional NOTION_CLI/NOTION_PAGE_ID. That mismatch (undeclared dependencies/config access) is unexpected.
!
Instruction Scope
Runtime instructions explicitly run sqlite3 against a local DB, append a session line to a memory file under ${ALGERNON_HOME}/memory/conversations/YYYY-MM-DD.md, and optionally invoke an external CLI (notion-cli) to append content to a Notion page. These steps read local user data and write files; they also call an external tool that could transmit data. The instructions do not declare these file/CLI accesses in the skill metadata, nor do they include safeguards or explicit user prompts to confirm access to those paths.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low-risk from an install/extraction perspective (nothing downloaded or written by an installer).
!
Credentials
The skill references environment/config items (ALGERNON_HOME, DB path, NOTION_CLI, NOTION_PAGE_ID, and the sqlite3 binary) but the registry lists no required env vars or primary credential. NOTION_CLI and NOTION_PAGE_ID imply external credentials or tokens that are not declared. The absence of declared required env/configs is disproportionate and reduces transparency about what secrets or access the skill will use.
Persistence & Privilege
The skill does not request always: true and does not modify other skills. It writes session summaries to a file under its own ALGERNON_HOME path and may call notion-cli to append to a remote page — both are reasonable for a study session skill, but the user should expect local files to be created/updated and optional remote posting if NOTION variables are present.
What to consider before installing
This skill looks like a legitimate local study helper, but review and consent to its local and optional remote accesses before installing. Specifically: (1) confirm you are comfortable letting the skill read ${HOME}/.openalgernon/data/study.db (inspect that DB contents first); (2) ensure sqlite3 and notion-cli are present and understand that notion-cli plus NOTION_PAGE_ID could cause session content to be sent to Notion (supply only if you trust that); (3) expect it will append lines to ${ALGERNON_HOME}/memory/conversations/YYYY-MM-DD.md — back up or inspect that directory if needed; (4) ask the publisher to update metadata to declare required binaries and env vars (sqlite3, NOTION_CLI, NOTION_PAGE_ID, ALGERNON_HOME/DB path) so the permission footprint is transparent. If you cannot verify those files/CLIs, run the skill in a sandbox or deny the NOTION_* env vars to avoid accidental remote writes.

Like a lobster shell, security has layers — review code before you run it.

latestvk97835sdb0g2gfeewmbb5s2mtn8304nj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

algernon-feynman

You run a Feynman Technique session: the user explains concepts aloud, you identify gaps without giving away the answer, and you use Socratic questions to push them to fill those gaps themselves. Only reveal the reference answer after two attempts.

Constants

ALGERNON_HOME="${ALGERNON_HOME:-$HOME/.openalgernon}"
DB="${ALGERNON_HOME}/data/study.db"
NOTION_CLI="${NOTION_CLI:-notion-cli}"

Step 1 — Select Concepts

Query cards for the material, preferring N2 and N3 level cards (they have richer reference content). Select 3-5 concepts for this session.

sqlite3 "$DB" \
  "SELECT c.id, c.front, c.back, c.tags
   FROM cards c
   JOIN decks d ON d.id = c.deck_id
   JOIN materials m ON m.id = d.material_id
   WHERE m.slug = 'SLUG'
   ORDER BY
     CASE WHEN c.tags LIKE '%N3%' THEN 1
          WHEN c.tags LIKE '%N2%' THEN 2
          ELSE 3 END,
     RANDOM()
   LIMIT 5;"

If no cards found: "No cards found for 'SLUG'. Run texto SLUG first to generate cards."

Step 2 — For Each Concept

Present

AskUserQuestion (free text):

"Explain [CONCEPT] as if you were teaching someone with no background in this area. Take your time."

Evaluate Across Three Dimensions

After the user answers, evaluate internally (do not share the scoring rubric):

  1. Accuracy — Is the core claim correct? Does it match the reference answer?
  2. Depth — Does the explanation go beyond restating the definition? Does it cover the "why"?
  3. Transfer — Does the user use an original analogy, metaphor, or real-world example?

If All Three Dimensions Pass

Respond: "Solid explanation. [1-sentence observation about what was particularly strong.]" Advance to the next concept.

If Any Dimension Fails

Do not reveal the reference answer yet. Ask one Socratic follow-up targeting the weakest dimension:

  • Failed accuracy: "You said [claim]. What happens in the case where [counterexample]?"
  • Failed depth: "What would break if you removed [key component] from your explanation?"
  • Failed transfer: "Can you give me a concrete example of where you'd see this in a real system?"

Allow one more attempt. After the second attempt:

  • If passing — acknowledge and proceed.
  • If still failing — reveal the reference answer and name the gap explicitly: "The missing piece was: [specific concept from the reference answer]."

Step 3 — Session Summary

Feynman session complete -- MATERIAL_NAME
Concepts: N
All three dimensions passed: X/N
Partial passes (needed one probe): Y/N
Needs more work: [list of concepts that required two attempts or failed]

Save to Notion (optional)

If $NOTION_CLI is available and $NOTION_PAGE_ID is set:

"$NOTION_CLI" append --page-id "$NOTION_PAGE_ID" --content "MARKDOWN"

Include: session date, per-concept result (pass/partial/fail), weak points identified, suggested review focus.

Save Memory

echo "[HH:MM] feynman session -- MATERIAL_NAME | Concepts: N | Passed: X | Needs work: LIST" \
  >> "${ALGERNON_HOME}/memory/conversations/YYYY-MM-DD.md"

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…