Back to skill
Skillv2.0.1
ClawScan security
Diary · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 18, 2026, 10:41 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is internally consistent: it implements a local, bash-based diary that reads/writes files under ~/.local/share/diary, has no network calls or credential requirements, and matches its description.
- Guidance
- This skill is a local, open bash script that stores diary data under ~/.local/share/diary and does not perform network I/O or request secrets. Before installing/run: (1) review the script (already included) so you understand it writes plain-text logs and a history file, (2) be aware exported files (json/csv/txt) contain all entries and should be protected, (3) consider file permissions or storing data in an encrypted location if entries are sensitive, and (4) run it in a restricted environment (separate user account or container) if you prefer to limit any accidental data exposure. Overall the skill is coherent with its description.
Review Dimensions
- Purpose & Capability
- okName/description match the provided artifacts. The SKILL.md and scripts implement diary commands (add/plan/track/...), exports, stats, and searches, which are exactly what a journaling tool would need. No unrelated credentials or services are requested.
- Instruction Scope
- noteRuntime instructions direct the agent to invoke the included bash script and operate on local files. The script logs every operation to ~/.local/share/diary/history.log and writes per-command .log files and export files. This is expected, but users should note that all entries and activity history are stored in plain text locally (and exported in plain formats).
- Install Mechanism
- okThere is no install spec; the skill is instruction-plus-a-shell-script only. Nothing is downloaded or installed automatically, minimizing install-time risk.
- Credentials
- okThe skill requests no environment variables, no credentials, and uses only standard coreutils (bash, grep, wc, du, tail, head, cat, date, basename). Those requirements are proportional to the stated purpose.
- Persistence & Privilege
- okalways:false and no modifications to other skills or system-wide configs. The script creates and uses a single data directory in the user's home; it does not request elevated privileges.