ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OPC Journal Core

v2.2.0

Provides core journal functions for recording, retrieving, linking entries, and generating periodic summaries with contextual insights.

0· 42·0 current·0 all-time
by@coidea
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with provided functionality: init, record, search, export. The code implements those features (init.py, record.py, search.py, export.py) and uses a filesystem-backed SQLite DB by default. However, the scripts import modules under src.* (src.journal.core, src.journal.storage, src.utils.logging) that are not included in the package; the code repeatedly manipulates sys.path to find a project root, which is a fragile/odd pattern and suggests this package expects a larger repository layout not provided here.
Instruction Scope
SKILL.md stays within the journal domain (recording, querying, digesting). It references agent tools (memory_search, memory_get, write, read, sessions_list) which is appropriate for a journaling skill, and storage is local filesystem by default. There are no instructions to call external network endpoints. Note: examples reference linking to files (e.g., /shared/db-best-practices.md) and semantic indexing which implies use of embedding models — the skill does not declare how API keys or model access are obtained.
Install Mechanism
No install spec is provided (instruction-only with code files). That is lower install risk because nothing is automatically downloaded. However, because the code expects external src.* modules, it may fail at runtime unless run within a larger codebase; there is no supplied mechanism to fetch or install those dependencies.
Credentials
The skill declares no required environment variables or credentials, which matches the included code (no direct network or cloud SDK usage). However SKILL.md mentions 'semantic indexing' and 'requires embedding model' and configuration options for encryption — those capabilities typically require API keys (model provider) or crypto keys, but none are declared. Also the skill writes and reads local files (customers/{customer_id}/journal) and will create db and config.json files; that filesystem access is expected but could contain sensitive data, so ensure storage/encryption settings are appropriate.
Persistence & Privilege
always is false and the skill does not request system-wide or other-skills' config changes. It creates files under its own storage path and writes a config.json per customer, which is normal. Autonomous invocation is allowed by default (disable-model-invocation is false); combine that with journaling access to local files and agent memory should be considered when granting autonomy, but this is standard for skills.
What to consider before installing
What to check before installing: - This package appears to be part of a larger codebase: the scripts import modules under src.* that are not included here. Confirm the required src.journal.* and src.utils.* modules are available in your agent environment or repository; otherwise the skill will error at runtime. - The code writes journal.db and config.json under customers/{customer_id}/journal by default. If you will store sensitive content, enable encryption/appropriate access controls and verify retention/privacy settings in config. - SKILL.md mentions semantic indexing (embeddings) and encryption but the skill doesn't declare how model keys or encryption keys are supplied. If you enable those features, plan how the required credentials (API keys, KMS keys) will be provided and scoped — do not provide broad credentials unless necessary. - The scripts modify sys.path with a repeated, fragile pattern; this is a maintenance/clarity issue rather than evidently malicious, but it increases the chance of unexpected imports. Review code locally before granting the skill runtime privileges. - If you will run this in a multi-tenant or sensitive environment, run it in a sandbox first and limit autonomous invocation until you confirm behaviors and storage locations. If you can verify the missing src modules and are comfortable with local filesystem storage, the functionality itself matches the description; otherwise delay install until dependencies and privacy controls are clarified.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cgf96h7ajnwwemzyaem2wg583m7e7latest productivity journaling summary historyvk97cgf96h7ajnwwemzyaem2wg583m7e7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments