Skill v1.0.0

ClawScan security

Test skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 29, 2026, 12:05 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and runtime instructions are consistent with its stated purpose of driving the macOS 'memo' CLI to manage Apple Notes; nothing requested appears disproportionate.
Guidance
This skill appears coherent with its purpose, but before installing: (1) verify the Homebrew tap/author (antoniorodr) and inspect the formula or upstream GitHub repo to ensure you trust the code; (2) be aware that granting Automation permission to Notes.app lets the tool read and modify your notes — only grant that if you trust the memo tool; (3) consider running memo manually from your terminal first to confirm behavior and review any prompts; and (4) avoid installing unreviewed code via pip unless you inspect the repository and packaging.

Review Dimensions

Purpose & Capability
ok
The description (manage Apple Notes) matches the declared required binary (memo) and the SKILL.md usage examples. Required items (memo binary, macOS Notes access) are appropriate for the stated functionality.
Instruction Scope
ok
SKILL.md only instructs use of the memo CLI commands (list, create, edit, delete, move, export) and mentions granting Automation access to Notes.app — actions necessary to control Apple Notes. It does not request unrelated files, environment variables, or network endpoints.
Install Mechanism
note
Install spec uses a Homebrew formula (antoniorodr/memo/memo), which is a common and reasonable mechanism. This is a third-party tap/author; you may want to review the tap/formula and upstream repo before installing. No arbitrary download URLs or archive extraction are used here.
Credentials
ok
No environment variables, credentials, or config paths are required. The permissions requested (macOS Automation access to Notes.app) are proportionate to editing/accessing Apple Notes.
Persistence & Privilege
ok
'always' is false and the skill does not request elevated or persistent platform privileges. Autonomous invocation is allowed (the platform default) and not by itself a concern given the limited scope and lack of broad credentials.