Dnote
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a mostly coherent Dnote note-management wrapper, but it deserves review because its delete commands bypass confirmation and it can expose or sync personal notes.
Install this only if you trust the Dnote CLI and the installer source. Use local-only mode if you do not need sync. Before allowing the agent to delete notes or books, require explicit confirmation or modify the wrapper to remove the automatic -y deletion flags. Be careful when exporting whole books into AI context, and avoid storing secrets in Dnote notes or config.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or over-broad agent action could permanently delete notes or an entire book without an extra confirmation step.
The wrapper forces deletion confirmation for both note removal and book removal, so an agent invocation could delete Dnote data without Dnote's native prompt.
$DNODE_CMD remove "$id" -y ... $DNODE_CMD remove "$book" -y
Require explicit user approval before running remove or remove-book, and consider removing the -y flags or adding a dry-run/confirmation guard in the wrapper.
If the remote installer or connection were compromised, it could run unwanted code during setup.
The documented setup pipes a remote installer directly into a shell. This is user-directed and purpose-aligned, but it requires trusting the remote installer source.
curl -s https://www.getdnote.com/install | sh
Prefer package-manager installation or verify the downloaded installer/release before running it.
Using login or an API key may allow the skill's Dnote commands to read, modify, delete, or sync notes in the associated Dnote account.
The skill supports authenticated Dnote sync using Dnote account credentials. This is expected for a Dnote integration, but it grants access to synced note data.
primaryEnv: DNOTE_API_KEY ... dnote login ... sync
Use the least-privileged account/token available, log out when not needed, and use local-only mode if cloud sync is unnecessary.
Private notes may be included in model context, and old or incorrect notes could influence future answers.
The skill is designed to bring persistent note content into the AI context. This is central to the note-taking purpose, but persistent notes can contain private, stale, or misleading information.
Export entire book for context ... dnote:export-book <book> | Load entire book into context
Only export books that are relevant to the task, avoid storing secrets in notes, and review retrieved notes before relying on them for important decisions.