Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Zettelkasten note tool

v1.0.0

Create, manage, and operate a Zettelkasten slip-box note system using the zk.py CLI script. Use this skill whenever a user wants to build or use a Zettelkast...

by Jay@goog
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description match the provided code and instructions: a single-file Python CLI to create and manage a local Zettelkasten vault. No unrelated binaries, env vars, or network endpoints are requested.
Instruction Scope
SKILL.md and the CLI operate locally on a vault (default ~/Zettelkasten) and instruct the agent to deliver the script to the user. The runtime instructions do not direct data to external endpoints or request unrelated files. Note: the script reads all .md files under the vault and opens an editor via os.system, which executes a shell command — see user guidance.
Install Mechanism
No install spec; this is instruction-only with a bundled script file. No downloads or third-party package installs are performed by the skill itself.
Credentials
Only optional environment variables are used (ZK_VAULT to set vault location and EDITOR to open files). These are appropriate and proportional to a local note-management tool; no credentials or unrelated secrets are requested.
Persistence & Privilege
always:false and user-invocable:true. The skill writes files to the user-specified vault (normal for this purpose). It does not modify other skills or global agent configuration.
Assessment
This skill appears to do what it says: manage a local Zettelkasten vault, needing only the optional ZK_VAULT and EDITOR environment variables. Before installing or running it:
- Review the script yourself (it is provided) and run it from a user account you control. The code is local-file oriented and does not phone home.
- Be cautious with the EDITOR environment variable: the script uses os.system(f'{editor} "{path}"'). If EDITOR is set to a malicious string (or contains shell metacharacters), that could execute undesired shell commands. Prefer setting EDITOR to a trusted program (e.g., vim, nano) or modify the script to use subprocess.run([...], shell=False).
- Be mindful of ZK_VAULT: if you override the vault path, the tool will scan and read all .md files under that path. Don't point it at directories containing sensitive files.
- If you plan to allow autonomous invocation by an agent, consider whether automatic file creation/editing is acceptable; you can require explicit user invocation instead.
- If you want extra safety, run the script in a confined environment (different user account, container, or VM) until you're comfortable with its behavior.

