Second Brain AI
Security checks across malware telemetry and agentic risk
Overview
The skill operates consistently on a user-selected local Markdown vault and shows no hidden network or exfiltration behavior, but it can surface private note excerpts to the agent and write vault files when explicitly allowed.
This looks purpose-aligned for a local Markdown second-brain workflow. Before installing, set SECOND_BRAIN_VAULT to a narrowly scoped vault, use the ignore file for sensitive notes, and only allow writes when you have reviewed the intended note creation or append.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private vault content may be shown to the agent during searches or context assembly, and note text could influence later reasoning if treated as authoritative.
The context-pack tool returns excerpts from local Markdown notes, which is central to the skill but can place private or untrusted note text into the agent's working context.
snippet: body.slice(0, 200).replace(/\n/g, ' ') + '...'
Point SECOND_BRAIN_VAULT only at the intended notes, use .secondbrainignore for sensitive files, and review context packs before relying on them.
If allow_write is set, the agent can modify the local vault by creating or appending notes.
The skill can create Markdown files in the configured vault, but the write is gated by an explicit allow_write flag; append operations use a similar approval pattern.
requireWriteApproval(data, 'allow_write'); ... fs.writeFileSync(filePath, fullContent, 'utf-8');
Only approve allow_write for specific note changes you intend, and review generated content before writing.
Users may need to inspect the included files to understand setup requirements and provenance.
The registry/provenance and setup metadata is sparse and under-declares the Node.js and SECOND_BRAIN_VAULT requirements documented in SKILL.md/package.json; no hidden installer, dependency download, or external package source is shown.
Source: unknown; Homepage: none; Required binaries: none; Required env vars: none; No install spec
Review the included scripts before use, ensure Node.js is available, and set SECOND_BRAIN_VAULT explicitly to the intended vault path.
