Skill v1.0.0

ClawScan security

flomo-sync · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 20, 2026, 6:24 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are consistent with a flomo → Markdown sync tool; nothing in the package appears to exfiltrate data or request unrelated credentials.
Guidance
This appears to be a legitimate flomo sync tool. Before installing or running it: (1) keep your flomo token in a local .flomo.config file and avoid pasting it into chat, as advised; (2) review the script locally (it is included) to confirm it only communicates with flomo domains; (3) run it in a controlled environment (virtualenv) and inspect its network requests (e.g., with a network monitor) if you want extra assurance; (4) note the hard-coded SIGN_SECRET in the script — it may be needed to emulate the web client, but it is an unusual implementation detail you may want to confirm against upstream behavior. If any of these raise concerns, run the script manually rather than granting autonomous agent invocation.

Review Dimensions

Purpose & Capability
ok · Name/description match the included script and SKILL.md: the tool pulls memos from flomo via its API, converts them to Markdown, downloads attachments, and writes files to a user-provided output directory. No unrelated services or credentials are requested.
Instruction Scope
note · SKILL.md instructs the agent/user to provide a project path and an access token stored in a local .flomo.config; it warns not to paste tokens into chat. The runtime script reads .flomo.config and maintains a local .flomo.lock. One implementation detail to note: the script contains a hard-coded SIGN_SECRET used to compute a request signature — this is unusual but plausibly required to mimic the web client for the flomo API.
Install Mechanism
ok · Instruction-only skill with no install spec. It asks users to pip install requests and markdownify — minimal and proportionate to the stated task.
Credentials
ok · No environment variables or unrelated credentials are requested. The script requires only a flomo token (via .flomo.config or CLI), which is appropriate for accessing the flomo API.
Persistence & Privilege
ok · Skill is not 'always' enabled and does not request elevated platform privileges. It writes output, images, and a .flomo.lock in the chosen output directory — expected behavior for a sync/backup tool.