ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

article-bookmarker

v0.2.2

Save and organize web articles as bookmarks with AI summaries and auto-tagging. Use when the user wants to bookmark or collect articles.

2· 169·1 current·1 all-time
by@chliny

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chliny/article-bookmarker.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "article-bookmarker" (chliny/article-bookmarker) from ClawHub.
Skill page: https://clawhub.ai/chliny/article-bookmarker
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: ARTICLE_BOOKMARK_DIR, ARTICLE_BOOKMARK_GITHUB
Required binaries: gh, git
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install article-bookmarker

ClawHub CLI

Package manager switcher

npx clawhub@latest install article-bookmarker
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's files and script match the stated purpose: extracting/summarizing articles, writing markdown bookmarks, maintaining a TAG_INDEX, and optionally syncing with GitHub. However the registry metadata marks ARTICLE_BOOKMARK_GITHUB as required and lists both 'gh' and 'git' as required binaries even though the script treats the GitHub remote/gh usage as optional. That mismatch is inconsistent but plausibly a documentation/configuration error rather than an outright red flag.
Instruction Scope
SKILL.md instructs the agent to fetch web content, generate summaries, write files under ARTICLE_BOOKMARK_DIR, update the tag index, and invoke scripts/bookmark.sh to init/save. Those steps stay within the bookmark use case. The doc also references proxy env vars (HTTP_PROXY, etc.) which are reasonable for network fetches but are not declared in requires.env. The skill requires reading/writing any files under ARTICLE_BOOKMARK_DIR — if that path is set to a directory containing other sensitive .md files, the git operations could include them (git add *.md).
Install Mechanism
No install spec — instruction-only with an included bash helper. No arbitrary downloads or archive extraction are present. This is a low-risk install model.
!
Credentials
The skill asks (in metadata) for ARTICLE_BOOKMARK_DIR and ARTICLE_BOOKMARK_GITHUB. ARTICLE_BOOKMARK_DIR is necessary. ARTICLE_BOOKMARK_GITHUB is used only to enable remote sync; the script treats it as optional. Declaring the GitHub repo env var required and gh as a required binary is disproportionate. Also, remote sync relies on the host's gh CLI authentication (no explicit token env var in the skill), so if gh is authenticated on the machine the script can create repos and push content — this gives the skill an avenue to exfiltrate any markdown files present under ARTICLE_BOOKMARK_DIR. No other unrelated credentials are requested.
Persistence & Privilege
The skill is not marked always:true. It does not modify other skills or system-wide configs. It can run git/gh operations when invoked, which is expected for repo-backed bookmark management. Autonomous invocation is allowed by default on the platform, but that is not set by this skill itself.
What to consider before installing
This skill appears to implement a git-backed bookmark manager and will write/commit/push markdown files under whatever path you set in ARTICLE_BOOKMARK_DIR. Before installing or enabling it: - Use a dedicated directory for ARTICLE_BOOKMARK_DIR (do not point it at a directory that already contains personal or sensitive .md files). The script stages all *.md in that directory. - If you do not want remote pushes, leave ARTICLE_BOOKMARK_GITHUB unset — the script will skip remote operations. If you set ARTICLE_BOOKMARK_GITHUB, be aware the script will attempt to create and push a repo using your local 'gh' authentication. - The registry metadata inconsistency (marking ARTICLE_BOOKMARK_GITHUB and gh as required when they are actually optional) looks like documentation/config mismatch — confirm whether the skill really needs gh and a repo for your use. - Audit the content the agent writes before calling scripts/bookmark.sh save, and consider using a GitHub account/repo with limited privileges or a dedicated personal access token with narrowly scoped permissions. These points explain why the package is flagged as 'suspicious' rather than 'benign' — the behavior is coherent with bookmarking, but the env/binary requirements and the push/create-repo behavior increase the risk of accidental data exposure if misconfigured.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🔖 Clawdis
Binsgh, git
EnvARTICLE_BOOKMARK_DIR, ARTICLE_BOOKMARK_GITHUB
latestvk97fzbn356m5x2acywnfkk3pdx83v565
169downloads
2stars
6versions
Updated 4w ago
v0.2.2
MIT-0
@chliny
latest
Download

Article Bookmarker Skill

IMPORTANT: Before any operation, read the environment variable $ARTICLE_BOOKMARK_DIR to determine the bookmark storage directory. All bookmark files and the tag index must be stored under this path. If the variable is not set, prompt the user to configure it.

When calling scripts/bookmark.sh, you must pass ARTICLE_BOOKMARK_DIR and ARTICLE_BOOKMARK_GITHUB as inline environment variables — the script runs in a subprocess and does not inherit them automatically.

Quick Start

When the user provides a URL or article text to bookmark:

  1. Run scripts/bookmark.sh init to initialize the bookmark directory
  2. Read $ARTICLE_BOOKMARK_DIR to get the storage path
  3. Use web_fetch to get the article content
  4. Generate a concise summary using the current model
  5. Auto-generate relevant tags based on content analysis
  6. Create a markdown file with URL, content, summary, and tags (see file-structure.md for format details)
  7. Save to the bookmark directory with descriptive filename
  8. Update the tag index file
  9. Run scripts/bookmark.sh save "Brief commit message" to commit and push changes

For deletion requests: find the article, confirm details with user, then remove, update index, and run scripts/bookmark.sh save "Delete article xxx".

Workflow

Adding Articles

1. Run scripts/bookmark.sh init
2. Read $ARTICLE_BOOKMARK_DIR
3. Receive URL or text content
4. Extract/save content (web_fetch for URLs)
5. Generate summary (model-based)
6. Auto-tag (keyword/topic analysis)
7. Create bookmark file (markdown format)
8. Update tag index
9. Run scripts/bookmark.sh save "Add article: <title>"

Deleting Articles

1. Run ARTICLE_BOOKMARK_DIR="$ARTICLE_BOOKMARK_DIR" ARTICLE_BOOKMARK_GITHUB="$ARTICLE_BOOKMARK_GITHUB" scripts/bookmark.sh init
2. Read $ARTICLE_BOOKMARK_DIR
3. Identify target article (by filename, topic, or content)
4. Display article details for confirmation
5. Get user confirmation
6. Delete bookmark file
7. Update tag index
8. Run ARTICLE_BOOKMARK_DIR="$ARTICLE_BOOKMARK_DIR" ARTICLE_BOOKMARK_GITHUB="$ARTICLE_BOOKMARK_GITHUB" scripts/bookmark.sh save "Delete article: <title>"

Tag Management

Auto-Tagging Logic

Generate tags by analyzing:

  • Article domain/topic keywords
  • Technical terms and concepts
  • Content categories (tutorial, news, research, etc.)
  • Named entities and proper nouns

Maintain consistent tag vocabulary to avoid duplicates (e.g., use "AI" not "artificial-intelligence").

Tag Index Format

TAG_INDEX.md maintains bidirectional mapping (see file-structure.md for full format):

# Article Tag Index

## Tags

- **AI**: [article1](article1.md), [article2](article2.md)
- **Research**: [...]

## Articles by Tag Count

- 3 tags: [article1](article1.md)
- 1 tag: [...]

Implementation Details

Content Extraction

  • Use web_fetch with extractMode: "markdown" for web articles
  • Handle truncation gracefully (respect maxChars limits)
  • Preserve original formatting where possible
  • GitHub Repository URLs: When the URL is a GitHub repository (e.g., https://github.com/user/repo), prioritize fetching the README content from the repository's main page or from README.md, readme.md, or README.rst files in the root directory

Proxy Configuration and Retry

When fetching article content from URLs fails:

  1. First Attempt: Try fetching without proxy
  2. On Failure: Load proxy configuration from environment variables:
    • HTTP_PROXY or http_proxy: HTTP proxy URL
    • HTTPS_PROXY or https_proxy: HTTPS proxy URL
    • NO_PROXY or no_proxy: Comma-separated list of hosts to bypass
  3. Retry: Re-attempt fetching with proxy configuration
  4. Final Failure: Notify user if both attempts fail

Example environment variables:

export HTTP_PROXY="http://proxy.example.com:8080"
export HTTPS_PROXY="http://proxy.example.com:8080"
export NO_PROXY="localhost,127.0.0.1,.example.com"

Summary Generation

Generate 2-3 paragraph summaries that capture:

  • Main thesis or argument
  • Key insights or findings
  • Practical implications or applications

Keep summaries informative but concise (typically 150-300 words).

File Naming

Create SEO-friendly filenames:

  • Convert title to lowercase
  • Replace spaces and special chars with hyphens
  • Limit length to ~50 characters
  • Ensure uniqueness by appending numbers if needed

Safety Checks

  • Validate URLs before fetching
  • Confirm deletions with users (show path and key details)
  • Maintain backup of index before modifications
  • Handle concurrent access gracefully

Comments

Loading comments...