Second Brain Triage
Security checks across malware telemetry and agentic risk
Overview
Second Brain Triage appears to be a coherent local note-classification helper, with only user-directed file/report handling and limited provenance to review.
This looks safe for local note triage, but treat it as a local Node helper from an unknown source: run it only on notes or JSON files you intend to classify, and check where reports will be written.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the wrong path, the tool could process private notes or write a report somewhere unintended.
The CLI can read a user-specified file or batch file and write a report to a user-specified output path. This fits the stated triage purpose, but file paths should remain explicitly user-approved.
const content = fs.readFileSync(options.file, 'utf8'); ... fs.writeFileSync(options.output, output);
Only run it on specific files the user chose for triage, and review the output path before writing reports.
Users have limited provenance information for verifying who maintains the skill, and should note that the documented CLI requires local Node execution.
The registry metadata provides limited provenance and does not declare the Node/CLI setup shown in the package and README. The package appears self-contained with no external dependencies, so this is a review note rather than a concern.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Prefer a verifiable source/homepage and metadata that declares the Node CLI requirement; review package.json before installing or running it.
