Bark Push
Pass
Audited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward Bark notification skill, but it needs your Bark device key and sends notification text to Bark's service.
Install this only if you want OpenClaw to be able to send Bark notifications to your iPhone. Keep the Bark key private, avoid sending sensitive content in notifications, use care with critical alerts, and prefer the Node.js helper or properly escaped inputs when notification text may come from untrusted sources.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A notification generated from untrusted text could be malformed or include unintended notification options, such as a click URL or alert level.
The shell helper interpolates command arguments directly into a JSON payload rather than JSON-escaping each value. This is bounded to the Bark notification request, but quotes or crafted untrusted notification text could break the request or alter Bark fields such as URL or level.
"title": "$TITLE",
"body": "$BODY"$(if [[ -n "$SUBTITLE" ]]; then echo ", \"subtitle\": \"$SUBTITLE\""; fi)
Prefer the Node.js helper, which uses JSON.stringify, or update the shell helper to JSON-escape all user-provided fields before sending.
If the Bark key is exposed, another party could send unwanted notifications to the device.
The skill uses a Bark device key as its authorization material. This is expected for Bark push delivery, but anyone with the key can send notifications to the associated device.
The device key can be read from the following environment variables (in priority order): 1. `BARK_KEY` 2. `BARK_DEVICE_KEY`
Store the Bark key only in trusted local configuration, avoid sharing it in prompts or logs, and rotate it if it may have been exposed.
Sensitive text placed in a notification may be transmitted to Bark and displayed on the device lock screen depending on user settings.
The notification title and body are sent to Bark's external API endpoint. This is the core function of the skill, but it means notification contents leave the local environment.
const payload = {
title: options.title,
body: options.body
};
...
const apiUrl = new URL(`https://api.day.app/${options.key}`);
Avoid sending passwords, secrets, or highly sensitive personal information in notification titles or bodies.
Installing unnecessary dependencies can add avoidable third-party code to the local environment.
The package file declares a caret-ranged axios dependency, while the included Node script uses the built-in https module instead. There is no install spec, so this is not automatically installed, but it is an unnecessary supply-chain surface if a user runs npm install.
"dependencies": {
"axios": "^1.6.0"
}
Do not run npm install for this skill unless needed, or remove/pin unused dependencies in the package file.
