Flomo Via App
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Flomo note-sending skill, but users should know it relies on a Flomo webhook token and sends note content to the configured Flomo webhook.
Install only if you are comfortable giving the skill a Flomo webhook token and sending selected note content to Flomo through that webhook. Use the default local .env storage, keep the token private, and be aware that the included script is webhook-only despite some URL Scheme wording in SKILL.md.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone with access to the saved token may be able to post notes to the user's Flomo inbox.
The skill requests and stores a Flomo webhook token, which is expected for this integration but is still account-authorizing material.
read -rp "Webhook token (or full URL): " WEBHOOK_INPUT ... echo "FLOMO_WEBHOOK_TOKEN=$WEBHOOK_TOKEN" >> "$ENV_FILE" ... chmod 600 "$ENV_FILE"
Use the default local .env option, keep the file private, and rotate the Flomo webhook token if it is exposed.
Notes sent through this skill are transmitted to the configured Flomo webhook endpoint.
The script sends note content over the network to the configured webhook URL. This is the core function of the skill and is disclosed.
RESP=$(curl -sS -w "\n%{http_code}" -X POST "$WEBHOOK_URL" -H "Content-Type: application/json" -d "$PAYLOAD" || true)
Before sending sensitive notes, confirm that the configured webhook URL is the intended Flomo URL.
A user may expect local URL Scheme behavior, but the included send script actually requires and uses the webhook path.
README.md and the actual script indicate webhook-only behavior, while SKILL.md describes URL Scheme as the primary path with webhook fallback. This is a documentation inconsistency rather than evidence of malicious behavior.
This version has dropped URL Scheme mode (the Mac app does not currently support it). Switched to using the Webhook API throughout.
Treat this skill as webhook-based unless the maintainer updates the implementation and documentation to match.
If the local .env file is tampered with, running the send script could execute unintended shell commands.
The send script loads the local .env file through shell source. This is common for shell configuration, but it means the .env file must be trusted because shell syntax in it would be evaluated.
source "$ENV_FILE"
Keep the skill directory and .env file writable only by trusted users; maintainers could harden this by parsing key-value config without sourcing it as shell code.
Users have less external provenance information to verify the skill and may not see the webhook requirement from registry metadata alone.
The package provenance is limited, and the registry metadata does not declare the practical webhook configuration used by the included scripts.
Source: unknown; Homepage: none; Required env vars: none
Review the included scripts before use and prefer skills whose metadata accurately declares credentials, dependencies, and source location.
