Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Joplin Cli
v1.0.1
Comprehensive Joplin notes management via CLI with wrapper scripts, templates, and automation. Use when creating, reading, editing, syncing, or organizing no...
⭐ 0 · 63 · 0 current · 0 all-time
by Waltraud by joerg - Human-AI Collaboration @joergbot-cloud
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's name and description align with the files and scripts: the scripts call the Joplin CLI and implement journal, quick-note, search, and backup workflows. However, the registry metadata listed 'required binaries: none' while SKILL.md, package.json, and the scripts clearly expect the 'joplin' CLI; this is a packaging/documentation mismatch.
Instruction Scope
Runtime instructions and the included scripts stay within note-management scope (creating, searching, exporting notes, syncing). The scripts gather some local system context (hostname, whoami) for backup metadata and write files into backup directories — expected for a backup/automation skill. There is no evidence that the skill attempts to phone home to unexpected external endpoints beyond Joplin sync (which uses whatever sync server you have configured).
Install Mechanism
There is no external download/install spec in the registry (instruction-only), which is lower risk. package.json declares a dependency on 'joplin' (npm) and SKILL.md instructs 'npm install -g joplin', so installing via npm is expected. This is coherent functionally, but the top-level 'requirements' reported earlier (none) contradict the package.json and documentation.
Credentials
The skill does not declare required environment variables, yet the scripts read and document many optional JOPLIN_* and editor-related env vars (JOPLIN_BACKUP_PASSWORD, JOPLIN_BACKUP_DIR, JOPLIN_JOURNAL_NOTEBOOK, EDITOR, etc.). Backup encryption relies on a password that can be supplied via env var or CLI; storing secrets in env vars is common but sensitive. Additionally, the scripts rely on other CLI tools (jq, gpg, tar, script) that are not declared in the top-level requirements; missing dependency declarations are a packaging inconsistency you should resolve before use.
Persistence & Privilege
The skill does not request permanent/always-on privileges and does not attempt to modify other skills or global agent configuration. It writes backups and metadata to file paths you control and invokes local utilities; this is expected for a backup/automation skill.
What to consider before installing
This skill largely does what it claims — it wraps the Joplin CLI for note workflows. Before installing:
(1) verify you want the npm-installed 'joplin' CLI (SKILL.md and package.json require it) — the registry metadata incorrectly showed no requirements;
(2) ensure the host has jq, gpg, tar, and the 'script' utility (scripts reference these but they are not declared up-front);
(3) be cautious with backup encryption passwords passed via environment variables or CLI (don't store secrets in insecure profiles);
(4) review the scripts (especially any that accept free text or file paths) to ensure they properly quote/sanitize inputs if you'll feed untrusted content — command injection is a generic risk for shell wrappers;
(5) run the skill in a test environment first (the repository includes TESTING.md) and inspect created backups/metadata (the scripts add hostname and user info to metadata).
The inconsistencies are most likely sloppy packaging/documentation rather than malicious behavior, but resolve the missing dependency declarations and confirm the scripts' handling of untrusted input before using with sensitive data.
latest: vk97c002dsfvpzq4q2mpkaxnet583v4hy
