ClawHub
Back to skill
v1.0.0

Bookmark Organizer

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:42 AM.

Analysis

The skill appears to do what it claims, but bookmark data and optional link checking can expose private browsing interests if used carelessly.

GuidanceThis looks safe for its stated purpose. Before installing or running it, treat your bookmark export and generated Markdown as private data, use --check-links only if you are comfortable contacting every bookmarked site, and keep custom category names simple.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
scripts/organize.py
command = ['curl', '-L', '-s', '-o', '/dev/null', '-w', '%{http_code}', '-m', '15', url]

The optional dead-link checker uses curl to contact each bookmarked URL. This is disclosed and purpose-aligned, but it sends network traffic to bookmarked sites.

User impactRunning with --check-links can reveal your IP address or trigger logs on the sites in your bookmark export, including private or internal URLs.
RecommendationOnly use --check-links when you are comfortable contacting every URL in the bookmark file; avoid it for exports containing private intranet or sensitive links.
Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
scripts/organize.py
rules = json.load(f) ... file_path = out_path / f"{category}.md"

Category names loaded from rules are used as output filenames. The bundled rules use simple safe names, but customized rule names are not sanitized.

User impactIf a user edits rules.json with unusual path-like category names, output files may be written somewhere unexpected or the script may fail.
RecommendationKeep category names simple, such as letters, numbers, and hyphens; if modifying the script, sanitize category names before using them as filenames.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
turn a standard browser bookmark export file (HTML) into a clean, categorized, and searchable knowledge base in Markdown format

The skill intentionally turns bookmark history into persistent Markdown knowledge-base files; this is purpose-aligned, but bookmarks may reveal sensitive interests or accounts.

User impactIf the output folder is shared, synced, or indexed, other people or tools may see private bookmark titles and URLs.
RecommendationUse a private output directory, review generated Markdown before sharing it, and delete or exclude sensitive categories if needed.