ClawHub

librarian

v1.0.0

Ingest and tag any media link or file, ask user intent if unclear, then save a structured note in the Obsidian library for future use.

0· 124·0 current·0 all-time
by@earu723
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (ingest and save media links as Obsidian notes) aligns with the SKILL.md: it only fetches media, extracts metadata, asks for intent if needed, and writes a structured markdown file to library/. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
Instructions limit actions to fetching content (web_fetch, pdf, image tooling) and writing notes into library/; they explicitly avoid generating downstream content. One minor note: tweet fetch strategy points at a third-party endpoint (api.fxtwitter.com) rather than an official API — this is coherent for fetching tweets but is an external service the agent will call. The skill does not instruct reading other unrelated local files or environment variables.
Install Mechanism
Instruction-only skill with no install steps and no code files, so nothing is written to disk beyond the notes the skill itself creates (library/*.md). This is the lowest-risk install posture.
Credentials
No environment variables, credentials, or config paths are required. The requested capabilities (web fetching, pdf/image tooling) are proportional to the stated task. There is no unexplained request for secrets or unrelated service access.
Persistence & Privilege
always:false and no special privileges requested. The skill writes notes to library/ (its stated purpose) and does not modify other skills or system configurations.
Assessment
This skill appears coherent and low-risk: it only fetches media and writes structured markdown files into library/ in your workspace. Before installing, confirm you are comfortable with the agent having permission to write files under the workspace root and with it performing outbound web requests (it will call web_fetch and a third-party tweet endpoint, api.fxtwitter.com). Also note transcripts for YouTube/audio may require you to paste text (the skill flags this). Avoid dropping sensitive documents you don't want stored into the library folder.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fwr7995s1wrn6b87k4n9p2x837m1z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments