Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Algernon Synthesis
v1.0.0Cross-material knowledge synthesis session for OpenAlgernon. Use when the user runs `/algernon synthesis`, says "quero conectar os materiais", "sintese entre...
⭐ 0· 98·0 current·0 all-time
byAntonio V. Franco@antoniovfranco
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The described goal (cross-material synthesis) matches the actions in SKILL.md (identify reviewed cards, ask synthesis questions, summarize). However the skill assumes access to a specific local SQLite DB and a Notion CLI, which are not declared in the skill metadata. That makes the claimed purpose plausible but the required runtime resources are not proportionately declared or parameterized.
Instruction Scope
The instructions tell the agent to run sqlite3 against a hard-coded DB path (/home/antonio/.../vestibular.db), to call a user-local binary (~/go/bin/notion-cli) with a PHASE_PAGE_ID placeholder, and to append to 'today's conversation log'. These are concrete filesystem and network actions not reflected in the skill's declared requirements. The instructions also send content to an external service (Notion) via notion-cli without specifying where the Notion credentials or page ID come from. That surface is broader than the skill metadata indicates.
Install Mechanism
There is no install spec (instruction-only), so nothing will be downloaded or installed by the registry itself. That reduces installer risk. Note: the runtime still depends on local binaries (sqlite3 and notion-cli) that are not declared, which is an operational mismatch rather than an installer risk.
Credentials
The skill implicitly requires access to a local SQLite database file, a Notion CLI executable, and a Notion page ID / credentials, but the registry metadata declares no required env vars or config paths. Requesting unspecified local file access and external service access without declaring those needs is disproportionate and opaque.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global agent settings. It does instruct writing/saving results to a Notion page and a 'conversation log' (expected for a note-taking/synthesis skill). Autonomous invocation is allowed (platform default) but is not an additional flagged privilege here.
What to consider before installing
Before installing or running this skill, be aware it will: 1) run sqlite3 on a hard-coded local DB path (/home/antonio/.../vestibular.db) — confirm you want the agent to read that file or update the skill to point to your DB; 2) call a local Notion CLI (~/go/bin/notion-cli) and append content to a Notion page (PHASE_PAGE_ID) — ensure you understand where the Notion credentials live and do not provide secrets implicitly; 3) append a line to the agent's 'conversation log' — clarify where that file is stored. Recommended actions: ask the author to parameterize the DB path and notion CLI/page-id (via declared requires.config or env vars), declare required binaries and env vars in the skill metadata, and document where conversation logs are saved. If you cannot verify those changes, avoid running the skill with access to sensitive local data or credentials — run it in an isolated/sandbox environment instead. Additional info that would raise confidence: explicit required config paths and env vars (DB path, NOTION_PAGE_ID, NOTION_TOKEN), or a prompt that asks the user to provide/confirm those values at runtime.Like a lobster shell, security has layers — review code before you run it.
latestvk97dz5wszp2gbfhrcq0zrwckm1833ev2
License
MIT-0
Free to use, modify, and redistribute. No attribution required.