Second Brain AI

v2.3.1

Read, capture, search, relate, and assemble context from a user-specified local Markdown knowledge base (Obsidian/Logseq style). Supports controlled write op...

by haidong@harrylabsj
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description, SKILL.md, package.json, and the included scripts all align: they read and (with explicit flags) write Markdown files inside a user-specified vault. Required runtime (Node >=16 and SECOND_BRAIN_VAULT) is appropriate for this purpose. The only minor inconsistency is that the registry metadata reported 'Required env vars: none' while package.json and SKILL.md require SECOND_BRAIN_VAULT.
Instruction Scope
The SKILL.md instructions map directly to the scripts' behavior. Scripts operate only on files under VAULT_PATH, and write operations require an explicit allow_write=true and, for appends, an appended_by attribution. The instructions do not direct the agent to read other system files or call external endpoints.
Install Mechanism
There is no install spec (instruction-only install), and the repository includes the Node scripts directly. No remote downloads, package installs, or brew/npm installs are performed by the skill itself. Risk here is low because the skill runs included JavaScript files locally.
Credentials
Only one env var (SECOND_BRAIN_VAULT) is required and is non-secret per package.json. This is proportional to the stated purpose. Caveat: the skill's authority equals whatever path the user supplies. If a user sets SECOND_BRAIN_VAULT to a broad or sensitive directory (e.g., /, /home, or a parent of other data), the skill will be able to read (and, if allow_write is set, write) any .md files there. The skill does not request unrelated credentials or secrets.
Persistence & Privilege
The skill is not always:true and does not claim elevated system privileges. It does not alter other skills or system-wide agent settings. It writes only to the configured vault path and requires explicit allow_write for modifications.
Assessment
This skill appears to do what it claims and has no network traffic or secret-collection behavior in the code. Before installing or enabling write operations:
1) Set SECOND_BRAIN_VAULT to a dedicated vault directory (not /, your home directory, or other sensitive folders) so the skill's file access is limited to intended notes.
2) Only enable write actions (pass allow_write=true) when you explicitly approve changes, and ensure appended_by is provided for attribution.
3) Back up your vault before running write operations (init, capture, append) in case of accidental changes.
4) Note the minor metadata mismatch: the registry said no required env var, but package.json and SKILL.md require SECOND_BRAIN_VAULT. Ensure the platform will allow you to set that environment variable.
If you need higher assurance, review the included scripts locally or run them in a sandboxed environment before granting write permission.


latest: vk975se0b3rd6xzjka06nbvcn6982vrd4
