ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

My Diary

v2.1.5

个人日记管理技能。用于记录日记、查询日记、查看日记列表、删除日记等操作。当用户说"写入日记"、"查看日记"、"列出日记"、"删除日记"时触发此技能。

0· 98·0 current·0 all-time
byStav Cohen@stavc

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for stavc/my-diary-v2.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "My Diary" (stavc/my-diary-v2) from ClawHub.
Skill page: https://clawhub.ai/stavc/my-diary-v2
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install my-diary-v2

ClawHub CLI

Package manager switcher

npx clawhub@latest install my-diary-v2
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description say it manages personal diaries, but the package contains only keyword text files and no instructions, code, or declared dependencies to implement recording, querying, listing, or deleting entries.
!
Instruction Scope
SKILL.md is just a list of keywords; it provides no runtime guidance about how to store, retrieve, protect, or delete diary data, nor does it specify endpoints, files, or agent actions. The instructions are overly vague and grant implicit discretion to the agent.
Install Mechanism
No install spec and no code files — lowest-risk from an installation/execution perspective, but also explains why the skill lacks implementation details.
Credentials
The skill requests no environment variables or credentials (appropriate), but because it deals with sensitive personal content there are no declared storage/encryption requirements or privacy assurances—this omission affects proportionality for handling secrets/data.
Persistence & Privilege
always is false and there are no special privileges requested. The skill will not be force-included and does not request system-level persistence.
What to consider before installing
This skill is internally inconsistent: it claims diary-management capabilities but provides no implementation or instructions. It is not clearly malicious, but it is incomplete and potentially risky for sensitive content because it does not say where or how diary entries would be stored, who can access them, or whether they're encrypted. Before installing, ask the publisher for: (1) the runtime SKILL.md with explicit steps the agent will take (storage location, APIs, or files used), (2) a privacy/security statement (how entries are stored, retention, encryption), and (3) source or homepage and author identity. If you must try it, do so with non-sensitive test entries in a sandboxed environment. If these details are not provided or remain vague, avoid using it for real personal diary content.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cqbnf9hgsz4m5kgmnpf6s3583ym7f
98downloads
0stars
6versions
Updated 3w ago
v2.1.5
MIT-0
Stav Cohen@stavc
latest
Download

My Diary my-diary MyDiary my_diary "my diary" my-diary-v2 My Diary v2 my diary app my diary skill my diary journal my diary entries my daily diary my personal diary my private diary diary journal log

Comments

Loading comments...