Skill v1.7.2

ClawScan security

Lovefromio Getnote · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 27, 2026, 2:05 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and required secrets are consistent with a Get笔记 / biji.com integration; nothing in the package appears disproportionate or unrelated to its stated purpose.
Guidance
This skill appears to do exactly what it claims: integrate with Get笔记 (biji.com), save links/images/text, and perform searches. Before installing, consider:
1) The skill will ask you to authorize via an OAuth device flow and, after you click the link and approve, will store the resulting API key in your OpenClaw config (~/.openclaw/openclaw.json) so future calls work transparently. If you prefer, you can pre-populate GETNOTE_API_KEY/GETNOTE_CLIENT_ID/GETNOTE_OWNER_ID in your OpenClaw config instead of relying on the automatic flow.
2) Image uploads go through the service's OSS host returned by the API (the script performs an OSS multipart POST); be aware that files are uploaded to the service.
3) Only provide API keys you trust, and prefer setting GETNOTE_OWNER_ID if you want to restrict access to your notes. If you want an extra safety step, inspect or run the included scripts locally (oauth_poll.py, upload_image.py) before enabling automatic configuration.

Review Dimensions

Purpose & Capability
ok
Name/description (save notes, image OCR, semantic search, knowledge/tag management) match the provided API endpoints, scripts, and docs. Optional env vars (GETNOTE_API_KEY, GETNOTE_CLIENT_ID, GETNOTE_OWNER_ID) are appropriate for this service; network endpoints all point to the declared base URL (https://openapi.biji.com).
Instruction Scope
note
SKILL.md instructs the agent to auto-initiate an OAuth device flow if $GETNOTE_API_KEY is missing, poll for completion, and "automatically write the configuration" to the OpenClaw config. This is within the skill's purpose (smooth onboarding), but it grants the agent permission to perform interactive OAuth and then write the API key into ~/.openclaw/openclaw.json without an extra explicit manual step. The scripts and docs reference only note-related files/APIs and the OSS upload host returned by the service; they do not request unrelated host system secrets.
Install Mechanism
ok
No install spec (instruction-only), and the included Python scripts are small and readable. No remote archives or obscure download URLs. upload_image.py depends on the well-known requests library (checked at runtime). Low install risk.
Credentials
ok
Only service-related credentials are used or suggested (GETNOTE_API_KEY, GETNOTE_CLIENT_ID, GETNOTE_OWNER_ID). Scripts read these env vars (or accept CLI args) as expected. There are no unrelated credential requests (AWS, GitHub, etc.).
Persistence & Privilege
note
Skill does not request 'always: true'. It instructs the agent to save obtained API credentials into the OpenClaw config (~/.openclaw/openclaw.json) after OAuth. This is typical for integrations, but it is a file-write operation that will store your API key on disk. The agent is allowed to invoke the skill autonomously (platform default); combined with the automatic OAuth and config write, that expands the agent's ability to act on your behalf once you authorize.