Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
flomo-archive
v1.0.0获取 Flomo 指定月份的完整笔记并评估质量。当用户说"查看flomo XX年XX月的全部笔记"、"获取flomo某月笔记"、"拉取flomo历史记录"或"评估flomo笔记质量"时触发使用。支持智能三级降级策略(周→天)确保完整覆盖,内置质量评估规则自动标记低质量笔记。
⭐ 1· 86·0 current·0 all-time
by@jayshna
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
Name/description match the implementation: scripts fetch notes (via mcporter) and evaluate quality. Using an MCP/mcporter client is reasonable for contacting Flomo MCP APIs.
Instruction Scope
SKILL.md and scripts instruct the agent to call the 'mcporter' CLI with a hard-coded config path in the user's home (~/.openclaw/workspace/config/mcporter.json). The manifest declared no required config paths or credentials, but the runtime relies on that config and on mcporter being present. That mismatch is scope-creep: the tool will indirectly access the user's stored MCP credentials/config when mcporter runs.
Install Mechanism
No install spec; code files are included and run directly. There are no network downloads or extract steps in the install. This is lower-risk than fetching remote binaries.
Credentials
The skill declares no required env vars or config paths, yet the code expects a specific mcporter config file in the user's home. Running mcporter will use whatever credentials/config are present there (sensitive). The script also passes the full environment to subprocess.run and builds a shell command with shell=True, increasing the chance of unintended environment or shell-injection influence if values were different. These accesses are not declared in the registry metadata.
Persistence & Privilege
always is false, the skill does not request permanent platform-wide presence, and it only writes output files to /tmp. It does not modify other skills or system-wide settings.
What to consider before installing
This skill largely does what it says, but be aware it will run the 'mcporter' CLI using a config file at ~/.openclaw/workspace/config/mcporter.json (the code assumes that path). The registry metadata did not declare that config path or any credentials, so installing or running the skill will cause the agent to use whatever MCP credentials are stored there. Before installing or allowing autonomous runs: (1) verify you trust the skill source; (2) inspect the included scripts yourself (they are small); (3) ensure mcporter is configured with an account you are comfortable the skill using (consider a limited/test account); (4) avoid running it with elevated or multi-service credentials stored in mcporter; (5) consider running the scripts manually rather than granting the agent autonomous invocation if you are unsure. If you need full assurance, ask the author to declare required config paths/credentials in the manifest and to avoid hard-coded config locations or use a configurable path/explicit credential environment variables.Like a lobster shell, security has layers — review code before you run it.
archivevk978hhw69hedtcvf1dn1we9swd83cmm1flomovk978hhw69hedtcvf1dn1we9swd83cmm1latestvk978hhw69hedtcvf1dn1we9swd83cmm1notesvk978hhw69hedtcvf1dn1we9swd83cmm1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.