Openclaw Skill
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill’s behavior matches its diary-pet purpose, but it uploads diary content to an external service and stores a local session token.
Install only if you are comfortable running the setup script, storing a DiaryBeast session token under your OpenClaw workspace, and uploading diary content to DiaryBeast. Avoid entering secrets, and review carefully before publishing anything to the public Wall.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running setup will execute code on your machine, contact DiaryBeast, and create local credential files.
The quick start requires running an included local Node script. This is disclosed and central to setup, but it is still local code execution.
node setup.mjs
Review setup.mjs before running it and only run the version supplied by a trusted source.
If run, these commands can change the pet/account state and spend in-app tokens.
The skill documents direct POST requests that mutate the DiaryBeast account, such as creating diary entries and purchasing/feeding items.
curl -s -X POST "$BASE/api/entries"
Run mutation commands only when you intend to update the pet, spend tokens, or submit content.
Anyone who can read the token file may be able to act as this DiaryBeast session until it expires.
The setup script stores the DiaryBeast bearer token locally so later commands can authenticate to the service.
writeFileSync(tokenFile, data.token);
Do not share the token file or setup output, and consider restricting file permissions if using a shared machine.
Personal diary content may leave your machine and be stored or processed by DiaryBeast; public excerpts are meant to be visible to others.
The documented workflow sends diary text to the external DiaryBeast API; optional publicExcerpt/publicTags can publish selected content to a public feed.
"encryptedContent":"YOUR DIARY TEXT HERE"
Do not submit secrets or sensitive personal information unless you are comfortable uploading it to DiaryBeast, and review any public excerpt before posting.