Personal Wiki
Security checks across malware telemetry and agentic risk
Overview
The skill is coherent for a local personal wiki, but it needs access to private note accounts and stores processed content persistently on disk.
Install only if you want the agent to read selected private notes/files and maintain a persistent local Markdown wiki. Keep the wiki directory and API tokens private, review generated changes, and install dependencies from trusted sources. No artifact-backed hidden exfiltration, destructive behavior, or background persistence was found.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked, the agent can use these credentials to fetch notes from the configured IMA and Evernote/Yinxiang accounts.
The skill reads IMA credential files and an Evernote token before operating, which is expected for importing notes but gives the agent access to private account content.
IMA_CLIENT_ID="$(cat ~/.config/ima/client_id 2>/dev/null)" ... IMA_API_KEY="$(cat ~/.config/ima/api_key 2>/dev/null)" ... if [ -z "$EVERNOTE_TOKEN" ]; then
Use this only with accounts and tokens you are comfortable exposing to the agent, rotate tokens as needed, and avoid placing these credentials in shared environments.
Running ingest can pull remote note content and update or create local Markdown pages, index entries, and processing logs.
The skill uses external note APIs and modifies local wiki files. This is central to the wiki-ingestion purpose and is scoped to the wiki directory, but users should know it can change local files.
curl -s --max-time 15 ... https://ima.qq.com/openapi/note/v1/get_doc_content ... 写入 / 更新 `$WIKI_DIR/pages/[主题].md` ... 更新 `$WIKI_DIR/index.md` ... `$WIKI_DIR/log.md`
Keep backups or version control for the wiki directory, and review generated changes when processing important notes or documents.
Sensitive information or misleading instructions stored in the wiki could be reused in later queries or maintenance tasks.
The wiki schema is a persistent rule/context file that the agent is told to follow and update over time, so wiki contents and rules can influence future runs.
Claude 在执行 Ingest / Query / Lint 时遵循此文件,并可随着使用不断更新此规则。
Treat the wiki directory as private, review schema changes, and be careful ingesting untrusted documents that may contain prompt-like instructions.
Installing dependencies from package repositories could introduce risk if a package or mirror is compromised.
The setup instructions rely on third-party Python packages and a system utility without pinning versions. This is normal for document-ingestion functionality but creates ordinary dependency provenance risk.
pip3 install evernote2 python-pptx python-docx # pdftotext: macOS 自带;Linux: apt install poppler-utils
Install dependencies from trusted sources, consider pinning versions, and use a virtual environment if possible.