Core Capabilities

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill describes broad local automation, memory indexing, Git publishing, and background services that rely on unreviewed local helpers, so it should be reviewed before use.

Use this only if you already trust and have inspected the referenced local tools such as memory_query_agent.py, monitor_server.py, obsidian-cli, and the cron setup. Before enabling it, set strict allowed folders, require confirmation for note deletion and Git push, review what memory.db contains, and make sure you know how to stop the cron job and monitor server.

VirusTotal

66/66 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Medium
What this means

The agent may be told to run local programs whose code was not included in this review, including programs that query memory data or run a monitor service.

Why it was flagged

The skill depends on helper tools and services, but the supplied package contains only documentation files and no install spec or source for these helpers, so their behavior cannot be reviewed here.

Skill content
"dependencies": ["obsidian-cli", "obsidian-tasks", "memory_query_agent", "monitor_server"]
Recommendation

Before using the skill, inspect and trust the local helper scripts and CLIs it references, and ensure they are installed from known sources with expected permissions.

ASI02: Tool Misuse and Exploitation
Medium
What this means

A user or agent could accidentally delete or move notes, commit unintended files, or push local changes to a remote repository.

Why it was flagged

The skill documents destructive or broad mutation capabilities for notes and a whole Git working tree, but does not clearly require user confirmation, limit paths, or define safe rollback.

Skill content
File management: create/read/edit/delete/move notes ... git add . && git commit -m "daily: 2026-04-12" ... git push
Recommendation

Require explicit confirmation before deleting/moving notes or running Git add/commit/push, and limit operations to a named vault, repository, branch, and file set.

ASI06: Memory and Context Poisoning
Medium
What this means

Private notes or user details could be stored in a reusable memory database and later surfaced in future tasks.

Why it was flagged

The skill describes persistent indexing of Markdown content into a memory database, including user information, without clearly bounding source paths, exclusions, retention, or reuse rules.

Skill content
SQLite (`memory.db`) ... automatic sync every 30 minutes ... user | 2 | user information ... file change → detect → parse Markdown → update database
Recommendation

Define exactly which folders are indexed, exclude sensitive files, document retention and deletion controls, and require user approval before syncing new private content.

ASI10: Rogue Agents
Medium
What this means

Background jobs or services may keep running after the original task, continuing to read state, update databases, or expose local monitoring pages.

Why it was flagged

The artifacts describe recurring cron execution and a background monitor process, but do not provide clear lifecycle controls or cleanup instructions for the installed environment.

Skill content
Cron configuration: `*/30 * * * *` ... Process: `python3 monitor_server.py 8003` ... `python3 monitor_server.py 8003 &`
Recommendation

Document how to list, stop, disable, and remove the cron job and monitor server, and make background execution opt-in.