Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
passnote-skill
v1.0.3
Create and manage disposable memos using PassNote. Share secure, auto-destructing notes with others.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name/description (PassNote disposable memos) matches the provided script and SKILL.md: the script sends memo content to a PassNote API and returns a passcode/link. However, the registry metadata at the top claims 'Required env vars: none' while SKILL.md and the script clearly require PASSNOTE_API_URL and PASSNOTE_API_TOKEN. This mismatch between the metadata and the skill's actual requirements is inconsistent and should be corrected.
Instruction Scope
SKILL.md instructs the agent to run the included Python script and to store PASSNOTE_API_URL and PASSNOTE_API_TOKEN in ~/.openclaw/openclaw.json. The script only reads those environment variables and posts the memo to the configured API endpoint. It does not attempt to read other files, credentials, or system state beyond the declared env vars.
Install Mechanism
No install spec or external downloads are included; this is an instruction-only skill that includes a small local Python script. Nothing is written to disk by an installer and there are no remote code fetches in the provided files.
Credentials
The script legitimately needs a PASSNOTE_API_URL and a PASSNOTE_API_TOKEN to operate; those are proportionate to the purpose. The inconsistency is that the registry metadata lists no required env vars while SKILL.md and the script require them. Also note that the script prints the passcode and view link to stdout (so logs or command history could capture secrets), which is expected for this use case but worth being aware of.
Persistence & Privilege
The skill does not request elevated persistence (always:false) and does not modify other skills or system-wide settings. It runs a local script and relies on environment variables managed by the platform; autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
What to consider before installing
This skill appears to do what it says (post memo content to your PassNote service and return a passcode/link), but verify a few things before installing:
- Fix or confirm the metadata: the registry metadata incorrectly lists no required env vars, but the SKILL.md and script require PASSNOTE_API_URL and PASSNOTE_API_TOKEN. Ensure your platform will provide those env vars.
- Only provide a token scoped for this purpose. Create a dedicated, minimal-permission API token on your PassNote instance rather than using an admin/global token.
- Confirm the PASSNOTE_API_URL value is a service you control or trust. The script will send whatever content you provide to that URL; do not point it to an untrusted endpoint.
- Be aware the script prints the passcode and link to stdout. Those outputs could be captured in logs or command history; treat them as sensitive and avoid putting secrets in shared logs.
- If you have concerns, run the script locally (with a test token and test data or against localhost) to observe its network calls and responses before enabling agent automation.
If these checks are acceptable, the skill itself is coherent with its stated purpose; the main issues are metadata accuracy and usual token/endpoint trust considerations.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Environment variables
- PASSNOTE_API_URL (required)
- PASSNOTE_API_TOKEN (required)