Wolai MCP Skill
Review
Audited by ClawScan on May 10, 2026.
Overview
This looks like a real Wolai notes integration, but it uses a powerful Wolai token and contains unsafe/conflicting advice to give that token to the AI assistant.
Install only if you intend to let the agent operate your Wolai notes. Configure WOLAI_MCP_TOKEN manually rather than pasting it into chat, use a separate/revocable token if possible, confirm destructive changes, and review the full untruncated source before relying on the skill.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Wolai token shared in chat may be retained in conversation history or logs and could allow access to the user's Wolai notes.
The skill gives contradictory safety guidance: it first tells users not to paste the token into chat, then later suggests giving the token to the AI assistant.
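Security reminder: do not paste the Token directly into the chat dialog ... Method 1 (simplest): tell the AI assistant the Token directly and let it write it for you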
Do not paste the token into chat. Configure it manually through the environment-variable UI or a secure credential mechanism, and remove this advice from the skill.
If the agent is misdirected or the token is exposed, Wolai pages, blocks, search results, or databases could be read, changed, or deleted.
The skill requires a user-level Wolai token and advertises full read/write/delete/modify access, which is high-impact account authority.
WOLAI_MCP_TOKEN ... user-level token ... required: true ... supports all operations, including read, write, search, delete, and modify
Use the least-privileged or most easily revocable token available, revoke it when not needed, and require explicit user confirmation before destructive or bulk changes.
Mistaken tool names or arguments could cause unintended reads, edits, or deletions in Wolai.
The core helper is a generic MCP tool caller that posts arbitrary tool names and arguments to the Wolai MCP endpoint. This is purpose-aligned, but it is powerful.
param(... [string]$Tool ... [hashtable]$Args = @{}) ... Invoke-RestMethod -Method POST -Uri "https://api.wolai.com/v1/mcp"
Review actions before execution, especially updates and deletes, and prefer workflows that show the target page/block/database before mutating it.
