Pocket AI Integration
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is mostly purpose-aligned, but it should be reviewed because it accesses all Pocket AI recordings and includes misleading privacy claims plus unclear instructions for sharing meeting insights with other agents or channels.
Install only if you trust Pocket AI and want your agent to access all recording transcripts, action items, and profile insights. Treat the integration as cloud-backed, keep the API key protected, and do not enable channel posting or heartbeat checks unless you have explicit approval and redaction rules.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent process using the skill with this key can search, list, and retrieve Pocket AI recording data available to that account.
The helper reads a local Pocket AI API key and uses it as a bearer token. This is expected for the integration, but it grants account-level access to recordings through the Pocket AI API.
key_path = Path.home() / ".config" / "pocket-ai" / "api_key" ... "Authorization": f"Bearer {self.api_key}"
Use the least-privileged Pocket AI key available, keep the file permissions restrictive, and revoke/rotate the key if the OpenClaw environment is shared or compromised.
Search results may reveal private conversations, inferred priorities, mental-state or profile insights, and meeting details to the agent context.
The skill is explicitly designed to retrieve broad transcript memories and AI-built profile context from all recordings, which can include sensitive business, legal, personal, and relationship information.
Search across ALL recordings ... `userProfile.dynamicContext[]` — AI-built insights from all recordings ... `relevantMemories[]` — Matching transcripts, action items, meeting sections
Only install if you want the agent to access this full recording corpus; avoid using it in shared sessions and review outputs before copying them into other tools.
Sensitive meeting content or business decisions could be sent to other people, channels, or agents without clear confirmation.
The skill tells an agent to share meeting-derived decisions and critical discussion alerts into a channel, but it does not define approval, redaction, audience, or permission boundaries.
Operations Channel
- Post important decisions to #operations
- Alert on critical discussions (team changes, financial decisions)
Require explicit user approval before posting any recording-derived content, restrict which channels can receive summaries, and redact names, legal, financial, or personnel details by default.
A user may install the skill believing recording data and queries remain local when the integration depends on a cloud service.
The privacy section makes a local-only style claim while also acknowledging cloud storage; the code and SKILL.md use the external `public.heypocketai.com` API. This can mislead users about the actual data flow.
- API key stays on your local machine
- No data leaves your infrastructure
- Pocket AI stores data on US servers
Treat the integration as cloud-backed, not local-only. The publisher should clarify what data is sent to Pocket AI, what is already stored there, and whether any third parties receive transcript or query data.
If enabled, the agent may periodically query Pocket AI and surface meeting-derived action items without a direct user prompt each time.
The heartbeat guidance is optional and disclosed, but it encourages recurring autonomous checks against sensitive recording-derived data.
During heartbeats, optionally check for new action items
Enable heartbeat checks only if desired, limit what they retrieve, and make recurring summaries visible and easy to disable.
