v1.0.0

Dnote

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:51 AM.

Analysis

The skill is a coherent Dnote CLI wrapper, but it can delete notes or whole books without confirmation and can export or sync persistent notes, so it should be reviewed before installation.

Guidance: Before installing, decide whether the agent should be allowed to edit or delete your Dnote notes. Prefer local-only mode if you do not want sync, use trusted Dnote installation sources, and require explicit confirmation before any remove or remove-book action.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
scripts/dnote.sh
$DNODE_CMD remove "$id" -y ... $DNODE_CMD remove "$book" -y

The remove and remove-book wrapper commands pass -y, bypassing Dnote's normal confirmation for destructive deletion.

User impact: A mistaken or over-broad agent action could delete saved notes or an entire book without a second prompt.
Recommendation: Require explicit user confirmation before remove and remove-book, remove the -y flag, or add a backup/recycle/dry-run step for destructive actions.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
curl -s https://www.getdnote.com/install | sh

The setup documentation includes a user-directed remote installer for the required Dnote CLI.

User impact: If the user chooses this install path, they execute code fetched from the Dnote website.
Recommendation: Use an official package manager or release download when possible, or inspect the installer before running it.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
primaryEnv: DNOTE_API_KEY ... dnote login

The skill declares a Dnote credential and documents optional login for syncing across devices.

User impact: Using sync may give the Dnote CLI access to the user's Dnote account and associated notes.
Recommendation: Use local-only mode if sync is not needed, and verify which Dnote account or token the CLI is using before enabling sync.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
dnote:search <query> | Find relevant context before answering ... dnote:capture <book> <content> | Save useful info discovered during task ... dnote:export-book <book> | Load entire book into context

The skill is designed to store persistent notes and later load them into the agent's context.

User impact: Private, stale, or incorrect notes could be reused in future answers, and exported note content may enter the agent context.
Recommendation: Limit exports to relevant books, avoid storing secrets in notes, and review notes before relying on them as context.