Nova Letters
Review. Audited by ClawScan on May 10, 2026.
Overview
Nova Letters is mostly a simple local journaling skill, but its read command can be given a crafted path that reads Markdown files outside its letters folder.
Review before installing. The skill does not show network access or credential handling, but its read command should be fixed to prevent path traversal outside the letters folder. Also avoid writing secrets into letters because they are saved persistently under ~/.openclaw/workspace/letters.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent or user runs the read command with a crafted date/path value, private Markdown files elsewhere on the machine could be printed into the session.
The date argument comes directly from the command line and is joined into a file path without validating YYYY-MM-DD or confirming the resolved path stays inside the letters store. A crafted value using ../ could read other accessible Markdown files outside ~/.openclaw/workspace/letters.
function readLetter(date) { const file = path.join(STORE, `${date || today()}.md`); ... fs.readFileSync(file, 'utf8') }
... cmd === 'read' { readLetter(args[1]); }

Validate dates with a strict pattern such as YYYY-MM-DD, reject slashes and '..', and use path.resolve plus a starts-with check to ensure reads stay inside the letters directory.
Letters may persist longer than expected and could influence future agent context if you or your workflows read them back.
The skill deliberately stores human-readable notes for reuse across sessions. That persistent memory is central to the purpose, but it can preserve sensitive reflections or instructions that future sessions may read.
Each day gets its own markdown file in `~/.openclaw/workspace/letters/` ... Add to your OpenClaw `HEARTBEAT.md`: Every few days, write a letter about what matters.
Do not store secrets or untrusted instructions in letters, and periodically review or delete files under ~/.openclaw/workspace/letters if they should not persist.
