Justanote
v1.0.0
Manage personal markdown notes — search, read, create, and append to notes. Use when the user asks to jot down an idea, find a note, list notes, or add somet...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the behavior: it manages markdown notes stored under a specific workspace path. It does not request unrelated credentials or services.
Instruction Scope
SKILL.md gives concrete shell commands that read/write files under /home/node/.openclaw/workspace/notes (and notes the host mapping to /root/...). Commands use direct variable substitution (e.g., $NOTES/PATH_TO_NOTE.md, grep with SEARCH_TERM) with no explicit input sanitization. That means a malformed PATH or SEARCH_TERM could allow the agent to read or modify files outside the intended notes tree.
Install Mechanism
Instruction-only skill with no install spec and no packages downloaded — minimal installation risk.
Credentials
No environment variables, credentials, or external config paths are requested. Nothing disproportionate is declared.
Persistence & Privilege
always is false and the skill is user-invocable. The skill writes to the agent workspace (persistent across restarts) and the SKILL.md explicitly notes a host mapping to /root/.openclaw/workspace/notes, which may expose host-level files if the workspace is mounted or misconfigured.
What to consider before installing
This skill appears to do what it says (manage local markdown notes) and asks for no credentials, but it relies on running shell commands that directly read and write files under a specific workspace path. Before enabling it:
1) Confirm where the notes directory is mapped on your host (the file mentions a mapping to /root/.openclaw/... which could expose host files).
2) Avoid putting secrets in notes.
3) Ensure the agent runtime will validate and sanitize user-provided note paths, titles, and search terms (prevent .. path traversal and shell injection).
4) If you are concerned about exposure, test using a disposable or non-sensitive notes directory, or deny autonomous invocation until you review how inputs are escaped.
5) If you want stronger guarantees, request or implement explicit filename/path validation and quoting when the agent runs shell commands.
Like a lobster shell, security has layers — review code before you run it.
