Flomo Send
Analysis
This skill appears intended to send user-provided notes to Flomo, but users should notice that it uses and stores a Flomo webhook token, and that the docs and code are inconsistent about URL-scheme versus webhook-only delivery.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
RESP=$(curl -sS -w "\n%{http_code}" -X POST "$WEBHOOK_URL" -H "Content-Type: application/json" -d "$PAYLOAD" || true)
Invoking the helper posts the assembled note content to the configured Flomo webhook. That is the stated function, but it is still a remote account mutation.
if [ -f "$ENV_FILE" ]; then
  set -o allexport
  source "$ENV_FILE"
  set +o allexport
fi
The script sources the local .env file as shell code. This is a common configuration shortcut, but a tampered or malformed .env could execute shell syntax when the script runs.
# Main: webhook-only delivery
The actual send script is webhook-only, while SKILL.md describes URL Scheme as the primary path with webhook fallback. This looks like stale or inconsistent documentation rather than hidden behavior.
Required binaries (all must exist): none ... Env var declarations: none ... Primary credential: none
The registry contract does not declare the curl/Python helper expectations or the Flomo webhook credential, even though the included docs and scripts disclose them.
Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.
read -rp "Webhook token (or full URL): " WEBHOOK_INPUT ... echo "FLOMO_WEBHOOK_TOKEN=$WEBHOOK_TOKEN" >> "$ENV_FILE"
The setup flow collects and stores a Flomo webhook token, which is expected for this integration but is still delegated account authority.
