Fulcra Annotations

Result: Pass

Audited by ClawScan on May 16, 2026.

Overview

This skill is a purpose-aligned Fulcra integration that writes persistent annotations using Fulcra credentials, with disclosed safety guidance but some metadata under-declaration.

Install only if you want an agent to write Fulcra annotations on your behalf. Confirm the Fulcra account/token being used, avoid sharing tokens in chat, use dry-run for uncertain actions, and review any annotation content before allowing persistent records to be created or changed.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used incorrectly, an agent could create incorrect annotations, tags, or historical records in the user's Fulcra account.

Why it was flagged

The skill can write and verify data in the user's Fulcra account. This is expected for an annotations skill, but it is still account-mutation authority.

Skill content

Creates annotation definitions ... Records annotation events ... Verifies writes by reading the event back after ingest.

Recommendation

Use dry-run mode for uncertain writes, confirm annotation names/values/timestamps before recording, and require explicit user approval for updates or deletes.

What this means

The skill can act with the Fulcra account permissions available to the provided token or CLI login.

Why it was flagged

The script uses a Fulcra access token or local Fulcra CLI authentication to call the API. This is purpose-aligned, and the docs warn not to print tokens, but it relies on account credentials.

Skill content

env_token = os.environ.get("FULCRA_ACCESS_TOKEN") ... command = os.environ.get("FULCRA_CLI_COMMAND", "fulcra-api") ... headers = {"Authorization": f"Bearer {access_token()}"}

Recommendation

Use the least-privileged Fulcra account/token available, avoid pasting tokens into chat, and revoke credentials if they may have been exposed.

What this means

Users may not realize from metadata alone that the skill needs Fulcra authentication and a local Python script execution path.

Why it was flagged

The registry metadata does not declare the Python/Fulcra CLI/token setup described in README.md and used by the script. This is a disclosure/completeness gap rather than suspicious behavior.

Skill content

Required binaries (all must exist): none ... Env var declarations: none ... Primary credential: none

Recommendation

Before installing, verify the Fulcra CLI/token setup, review the script path being run, and prefer registry metadata that declares credentials and runtime requirements explicitly.

What this means

Sensitive or inaccurate notes, tags, timestamps, or values could remain in Fulcra and influence later workflows.

Why it was flagged

Fulcra annotations are persistent user context and may be reused by humans or agents later. Writing this memory is the skill's purpose, but incorrect entries could affect future context.

Skill content

shared human/agent memory: attention, events, location, calendar, health, wearables, and other streams ... recording user-approved moments or values

Recommendation

Record only user-approved data, avoid private details in tags, verify timestamps and values, and review/delete incorrect annotations through Fulcra if needed.