Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

flomo-sync

v1.0.0

A tool that syncs/backs up all flomo memo records to local Markdown files. It uses the scripts/flomo-sync.py script to pull memos through the flomo API, and supports incremental sync, attachment download, and multi-file output. Use it when the user needs to back up flomo, sync flomo memos to local storage, or export flomo notes as Mark...

2 · 532 · 2 current · 2 all-time
by GiraffeTree (@giraffe-tree)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the included script and SKILL.md: the tool pulls memos from flomo via its API, converts them to Markdown, downloads attachments, and writes the files to a user-provided output directory. No unrelated services or credentials are requested.
Instruction Scope
SKILL.md instructs the agent/user to provide a project path and an access token stored in a local .flomo.config; it warns not to paste tokens into chat. The runtime script reads .flomo.config and maintains a local .flomo.lock. One implementation detail to note: the script contains a hard-coded SIGN_SECRET used to compute a request signature — this is unusual but plausibly required to mimic the web client for the flomo API.
Install Mechanism
Instruction-only skill with no install spec. It asks users to pip install requests and markdownify — minimal and proportionate to the stated task.
Credentials
No environment variables or unrelated credentials are requested. The script requires only a flomo token (via .flomo.config or CLI) which is appropriate for accessing the flomo API.
Persistence & Privilege
Skill is not 'always' enabled and does not request elevated platform privileges. It writes output, images, and a .flomo.lock in the chosen output directory — expected behavior for a sync/backup tool.
Assessment
This appears to be a legitimate flomo sync tool. Before installing or running it: (1) keep your flomo token in a local .flomo.config file and avoid pasting it into chat, as advised; (2) review the script locally (it is included) to confirm it only communicates with flomo domains; (3) run it in a controlled environment (virtualenv) and inspect its network requests (e.g., with a network monitor) if you want extra assurance; (4) note the hard-coded SIGN_SECRET in the script — it may be needed to emulate the web client, but it is an unusual implementation detail you may want to confirm against upstream behavior. If any of these raise concerns, run the script manually rather than granting autonomous agent invocation.


latest: vk974f8ga1kb5h5wf62acksb3e181ht14
