FlowMind

Review

Audited by ClawScan on May 10, 2026.

Overview

FlowMind looks like a straightforward API guide, but using it means giving an agent a FlowMind API key that can read, change, and delete your productivity records and contacts.

This skill does not install or run local code, and its behavior is consistent with a FlowMind productivity API integration. Before using it, verify that you trust the FlowMind endpoint, provide only a revocable/scoped API key if possible, and require confirmation before deletions or large updates.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used with a valid token, the agent can create, edit, or delete tasks, goals, notes, contacts, and tags when directed.

Why it was flagged

The skill documents write and delete operations for FlowMind records. This is aligned with the productivity-management purpose, but these actions can permanently alter user data.

Skill content

POST /tasks — create ... PATCH /tasks/:id — update ... DELETE /tasks/:id — delete

Recommendation

Ask the agent to show the records it will change before bulk edits or deletions, and confirm destructive actions explicitly.

What this means

Anyone or any agent process with the token may be able to access and modify the user's FlowMind workspace according to the token's permissions.

Why it was flagged

The skill requires a bearer token for the user's FlowMind account. This is expected for the API integration, but it grants account-level access to the documented operations.

Skill content

`FLOWMIND_API_KEY` — Bearer token from your FlowMind account ... All requests use `Authorization: Bearer <FLOWMIND_API_KEY>`

Recommendation

Use a revocable or scoped API key if FlowMind supports it, store it securely, and revoke it when no longer needed.

What this means

Personal notes, contact details, and location-related fields may be surfaced in the conversation or included in outputs if requested.

Why it was flagged

The API can return personal notes and contact details into the agent's working context. This is expected for meeting prep and productivity workflows, but the data may be sensitive.

Skill content

Notes fields: ... title, content ... People fields: ... email, phone ... notes ... location, latitude, longitude

Recommendation

Limit queries to the records needed for the task, avoid storing secrets in FlowMind notes, and review generated outputs before sharing them.