搜索网页规则管理(多平台增强版 - 安全加固)
AdvisoryAudited by Static analysis on May 6, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may enable an unauthenticated local API and expose their Obsidian vault to any local agent or process that can reach it.
The skill presents disabling API-key authentication for the Obsidian Local REST API as safer, even though that API is used for creating, reading, updating, and deleting vault notes.
**不建议设置 API Key**(留空更安全)... **推荐方法:不使用 API Key(最简单安全)**
Do not treat no-auth REST access as safer. Use an API key or equivalent authentication, store it in an environment variable or keychain, bind the service to localhost, and prefer direct file access only with strict path containment.
If this pattern is followed, a crafted path with a shared prefix could be treated as allowed, risking writes or deletes outside the intended skill or vault directory.
The security guide claims path operations are restricted, but this prefix-based path check is not a robust containment check for a skill that writes, moves, and deletes knowledge-base files.
if abs_path.startswith(os.path.abspath(allowed)):
return TrueUse canonical path containment checks such as Path.resolve().relative_to(), sanitize web-derived filenames, and require explicit confirmation before move or delete operations.
If authorized, the skill can upload files to Google Drive or NotebookLM under the user’s Google account.
The Google Drive integration uses OAuth credential and token files. The documented scope is limited and purpose-aligned, but it is still sensitive account authority.
"credentials_file": "path/to/credentials.json", "token_file": "path/to/token.json", "oauth_scopes": ["https://www.googleapis.com/auth/drive.file"]
Use a dedicated Google project or account where possible, keep the drive.file scope, store tokens securely, and revoke tokens when no longer needed.
Incorrect or poisoned rules could hide useful results, preserve unwanted sources, or bias future searches.
The skill persists user decisions as rules that can later classify or filter search results automatically.
在用戶多次確認後,系統學習到規則... 是否要應用這些規則?... 自動分類類似內容
Review whitelist, blacklist, uncategorized, and learned-rule files regularly, and provide an easy way to reset or disable automatic rules.
Search content, summaries, links, and possibly search keywords may leave the local environment and be handled under the provider’s policies.
The NotebookLM path intentionally sends selected content to an external provider. This is disclosed and purpose-aligned, but it crosses a data boundary.
上传的内容会被发送到 Google 服务器。**请勿上传敏感信息**!
Use local Obsidian storage for sensitive material, confirm each upload, use a separate browser profile, and avoid sending confidential content to cloud platforms.