Crayfish Diary
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears to be a straightforward diary/memo recorder that writes user-provided notes to local Markdown files, with no evidence of exfiltration or hidden behavior.
This looks safe for a local diary workflow. Before installing, remember that it will save recorded conversation content into your workspace as Markdown files, so use the start and end phrases deliberately and avoid recording information you do not want persisted.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may create or update diary files in the current or specified workspace.
The skill instructs the agent to create directories and write files. This is expected for a diary skill and is scoped to a diary directory, but it is still local file mutation that users should understand.
使用 `execute_command` 工具创建目录: ```bash mkdir -p "空间路径/龙虾日记/YYYY/MM/DD" ``` 使用 `write_to_file` 工具创建 markdown 文件
Install if you are comfortable with the agent writing diary Markdown files locally; specify the storage location when needed.
Anything shared while recording is active may be saved into local diary files and summarized in a README.md file.
The skill persists user conversation content as diary data until an explicit stop phrase. This is purpose-aligned, but diary entries may contain sensitive personal or work information.
收集用户后续的所有对话内容,直到用户说"结束记录"。
Avoid recording sensitive information unless you intend it to be stored, and say the end phrase promptly when recording is finished.