Learning Notes Explorer
Security checks across malware telemetry and agentic risk
Overview
No artifact-backed suspicious behavior was found; this is a personal notes search tool, so installing it means letting it read and surface your local learning notes.
This skill appears benign and purpose-aligned. Before installing, check that the notes directory points only to notes you want the agent to read, and be aware that search or synthesis answers may include excerpts from those notes.
VirusTotal
No VirusTotal findings
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private learning notes may be read and quoted back when the skill is used.
The handler loads local note content into an in-memory index for search. This is expected for the skill’s purpose, but it means personal notes can be retrieved and included in responses.
self.notes_dir = notes_dir or os.path.expanduser("~/.openclaw/notes") ... with open(notes_file, 'r', encoding='utf-8') as f: data = json.load(f)Use it only with note folders you are comfortable exposing to the agent, and confirm the configured notes directory before relying on it.
You have less external information about who maintains the skill or where to verify it.
The package has limited provenance metadata. No risky install commands or dependencies are shown, but users have less context for deciding whether to trust the code.
Source: unknown; Homepage: none
Review the packaged files and owner information before installing, especially because the skill reads personal notes.