Notesctl

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: notesctl-skill-for-openclaw
Version: 0.1.0

The skill is designed to manage Apple Notes on macOS using local scripts, `osascript`, and the `memo` CLI tool. All scripts (`notes_export.sh`, `notes_list.sh`, `notes_new.sh`, `notes_post.sh`, `notes_search.sh`) align with the stated purpose of creating, listing, searching, and exporting notes. Input is handled with Python-based escaping to prevent AppleScript injection, and there is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the OpenClaw agent in `SKILL.md` or `README.md`.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A maliciously crafted folder name passed to this script could potentially make the agent run unintended AppleScript on the user's Mac instead of only creating a note.

Why it was flagged

TITLE and BODY are escaped before use, but FOLDER is inserted directly into the AppleScript string. If a crafted folder value contains AppleScript syntax such as quotes or statement separators, it could change the command being executed.

Skill content

osascript -e "tell application \"Notes\" to make new note at folder \"$FOLDER\" with properties {name:\"$TITLE_AS\", body:\"$BODY_AS\"}"

Recommendation

Escape or strictly validate the folder name before building the AppleScript, or pass it through a safer AppleScript parameter mechanism. Avoid using untrusted text as the folder argument.

What this means

The agent can read note listings/search results and create notes in the user's Apple Notes environment.

Why it was flagged

The skill intentionally operates on the user's Apple Notes data under the current macOS user's local app/account permissions.

Skill content

Manage Apple Notes via deterministic local scripts (create, append, list, search, export, and edit).

Recommendation

Install only if you are comfortable letting OpenClaw operate on Apple Notes, and review macOS permission prompts carefully.

What this means

Private note titles or contents may be displayed to or processed by the agent during search/export workflows.

Why it was flagged

The search script can retrieve Apple Notes content, including across folders when no folder is specified, which may bring private note text into the agent's context.

Skill content

if [[ -n "$FOLDER" ]]; then
  memo notes -f "$FOLDER" -s "$QUERY"
else
  memo notes -s "$QUERY"
fi

Recommendation

Use specific search terms and folders, and avoid asking the agent to search or export notes containing sensitive information unless needed.