Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Learned from AI

v0.1.0

Convert AI chat or drafts into structured, verified, and durable learning notes with definition, key ideas, examples, derivations, Q&A, and a cheat sheet.

by Yi @hyharry
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (produce structured learning notes) align with the SKILL.md workflow (inspect source, produce main note + cheat sheet). However the instructions require searching and writing to a notes/ folder and mandate spawning a specific subagent model (openai-codex/gpt-5.4). The skill metadata declares no required config paths or credentials, so the manifest does not document the file-system and model-access behavior the skill actually needs.
! Instruction Scope
The SKILL.md explicitly directs the agent to read from and write to notes/ (search existing notes, create notes/<subject>.md, notes/<subject>-cheatsheet.md). It also mandates spawning a subagent with a specific model and 'thinking' setting. These are concrete actions beyond a passive transformation: they imply filesystem access and autonomous subagent/model invocation. The instructions also say 'cross-check' facts (which may cause uncontrolled external web lookups) but do not constrain where or how verification should occur. The skill therefore instructs behavior (file I/O, network/model use) not reflected in the declared requirements.
Install Mechanism
No install spec and no code files — instruction-only skill. This is the lowest install risk: nothing is downloaded or written by an installer.
! Credentials
The skill requests no environment variables or credentials in the manifest, yet it requires spawning a specific subagent model (openai-codex/gpt-5.4). Model invocation typically requires platform-managed credentials or API access; the skill does not declare any needed credentials or explain how model access is authorized. Likewise, the skill's persistent read/write to notes/ is a form of config/path requirement that is not declared. The absence of declared env/config needs is inconsistent with the instructions.
Persistence & Privilege
The 'always' setting is false (good). However the SKILL.md forces persistent writes to notes/ by default ('Always save outputs in notes/ unless the user explicitly asks otherwise') and requires pre-searching that folder to avoid overwrites. That grants the skill the ability to create persistent files unless the user intervenes; this persistent-write behavior is not documented in the manifest's required config paths.
What to consider before installing
This skill appears to do what it claims (turn chats into structured notes) but its runtime instructions require reading and writing a notes/ folder and spawning a specific subagent/model — none of which are declared in the manifest. Before installing, confirm: (1) where the notes/ folder lives and whether you want an automated skill to create or modify files there; (2) how the platform authorizes subagents and models (does this skill require extra API access or keys?), and whether the forced model can be changed; (3) whether 'cross-check' behavior will cause web requests that might leak sensitive content. If you proceed, consider editing the skill to (a) declare required config paths and any needed credentials, (b) remove hard-coded model requirements or document authorization, and (c) make persistent writes explicitly opt-in rather than the default.


latestvk97bw10swqjb78aqj303tvysg184p9zz
