Justanote
PassAudited by ClawScan on May 1, 2026.
Overview
This is a straightforward local markdown notes skill, with the main thing to notice being that it can persistently read and modify files in its notes folder.
This skill appears safe for managing local markdown notes. Before installing, be comfortable with persistent storage under the OpenClaw workspace, avoid saving passwords or secrets, and confirm create/append operations so the agent writes to the intended note.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can add or change note files when you ask it to create or append notes, so ambiguous requests could result in edits to the wrong note.
The skill uses shell redirection to create and append notes. This is expected for a local markdown notes manager, but it gives the agent file-mutation capability within the notes folder.
cat > $NOTES/SUBDIR/SLUG.md << 'EOF' ... echo -e "\n## New section\n\nContent to add" >> $NOTES/PATH_TO_NOTE.md
Confirm the target note name and content before creating or appending, especially when a note with a similar title may already exist.
Information saved in notes can remain available across sessions and may be surfaced in future searches or reads.
The skill creates a persistent local note store that can be searched and read later. This is purpose-aligned, but persistent notes may contain sensitive personal information or text that should not be treated as trusted instructions.
Notes live in `/home/node/.openclaw/workspace/notes/` ... data persists across container restarts.
Avoid storing secrets or highly sensitive data in these notes, and treat note contents as user data rather than authoritative instructions.