ClawHub

KnowledgeKeeper Skill

v1.0.0

Manage and organize notes with categories and tags, search content efficiently, and export knowledge in JSON or Markdown formats.

0· 73·0 current·0 all-time
bybittao@hgta23
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (note management, search, export) align with the included Python implementation. The code implements creating, updating, listing, searching, tagging, categorizing, and exporting notes—nothing in the code demands unrelated resources or credentials.
Instruction Scope
SKILL.md describes the same features implemented in main.py and does not instruct access to unrelated system files or environment variables. The implementation reads/writes a local file named 'knowledge.json' in the current working directory; this file location is implicit in the code and not documented in SKILL.md, so be aware notes are stored on-disk in plaintext.
Install Mechanism
No install spec or external downloads; requirements.txt contains no dependencies. This is instruction/code-only and does not pull external code or run installers.
Credentials
The skill requires no environment variables, credentials, or config paths. All data is local. There are no requests for unrelated secrets or external service keys.
Persistence & Privilege
The skill is not always-enabled and does not claim to modify other skills or system-wide settings. It can be invoked autonomously by the agent (platform default), which is expected for a skill; this combination is acceptable given the limited local scope of the code.
Assessment
This skill appears to do what it says: manage notes locally and export them. Before installing consider: (1) Notes are saved in plaintext to 'knowledge.json' in the working directory—don't use it for highly sensitive secrets unless you add encryption or secure storage. (2) The skill has no network calls or credential requests, so risk of remote exfiltration is low, but if the agent runs in a shared environment the file could be accessible to others—store it in a safe location or restrict permissions. (3) The source/publisher is unknown; if you need stronger assurances, review the code yourself or run it in an isolated environment. (4) Minor limitations: note IDs are timestamp-based (possible collisions under high-frequency writes), and there is minimal input validation—expect basic behavior, not hardened production-grade security. If those constraints are acceptable, the skill is coherent and can be used.

Like a lobster shell, security has layers — review code before you run it.

latestvk979a09jvxsetg3kk90v9w26vs84bpcr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments