Skill v2.0.1

ClawScan security

Note Taker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 18, 2026, 10:48 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it provides note-taking templates and a small local CLI task manager that writes data to ~/.local/share/note-taker; there are no network calls or secret requests and the included scripts are straightforward shell code.
Guidance
This skill appears coherent and implements two expected pieces of functionality: note-formatting templates and a lightweight local CLI task manager. Before installing, review the included scripts (scripts/note.sh and scripts/script.sh) yourself — they are short shell scripts that create and write to ~/.local/share/note-taker (data.log and history.log). There are no network calls or requests for credentials, but you should:
1) confirm you're comfortable with the skill writing persistent files in your home directory or set NOTE_TAKER_DIR to a location you control;
2) inspect SKILL.md for any hidden/non-printing characters (scanner flagged unicode-control-chars);
3) run the scripts in a non-privileged account or sandbox first if you want extra safety; and
4) back up any important data before using the export/clear commands.
Overall the package is low-risk and behaves as described.
Findings
[unicode-control-chars] unexpected: Scanner flagged unicode control characters in SKILL.md. The skill's functionality doesn't require hidden control characters; this may be an artifact (e.g., non-printing whitespace from editing) but could also be an attempt at prompt manipulation. Recommend inspecting the raw SKILL.md bytes before installing.

Review Dimensions

Purpose & Capability
note: The name/description focus on note-taking (Cornell, Zettelkasten, mind maps, meeting/lecture notes) but the SKILL.md also exposes a simple CLI task manager (add/list/done/etc.). This dual role is coherent for a productivity tool but is a mild mismatch with the note-focused name — still reasonable and explainable.
Instruction Scope
ok: Runtime instructions and included scripts only reference local storage paths, standard Unix utilities, and prompt templates for formatting notes. The scripts read/write only the per-skill data directory and do not attempt to read unrelated system files or transmit data externally.
Install Mechanism
ok: There is no install spec; the skill is instruction + two shell scripts. No remote downloads, package installs, or archive extraction are present in the bundle.
Credentials
note: The skill declares no required environment variables or credentials. The scripts do respect NOTE_TAKER_DIR / XDG_DATA_HOME and $HOME and will create and write to ~/.local/share/note-taker (data.log and history.log). Writing local files is expected, but users should be aware of persistent data storage.
Persistence & Privilege
ok: always:false and no privileged behaviors. The skill does not modify other skills or system-wide configs; it only creates and writes files within its own data directory.