Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

smart-auto-note

v1.0.0

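Semantically recognizes and automatically classifies input, writes it to Obsidian notes, and supports automatic archiving of to-dos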

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for miaomiao-d/smart-auto-note.

Install the skill "smart-auto-note" (miaomiao-d/smart-auto-note) from ClawHub.
Skill page: https://clawhub.ai/miaomiao-d/smart-auto-note
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install smart-auto-note

ClawHub CLI

npx clawhub@latest install smart-auto-note

Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

! Purpose & Capability
The stated purpose (semantic classification + append to Obsidian files) matches the code's file-write behavior, but the package metadata and HTML claim background reminders/cron triggers and a message.send tool that the index.js no longer implements. Also the code hardcodes BASE_DIR = '/Users/macbook/Documents/OC_club' instead of using a configurable workspace path — this is brittle and unexpected.
! Instruction Scope
SKILL.md requests only filesystem RW and describes reminders/cron/archiving behavior. The code implements classification and append-only writes and explicitly avoids network calls, but many described features (reminder persistence, cron handler, reminder creation/synchronization) are referenced in metadata/HTML or comments and are absent or removed from index.js. The SKILL.md does not disclose the hardcoded filesystem path the code uses.
Install Mechanism
No install spec or external downloads are present; this is an instruction-only skill with bundled JS/HTML files. That minimizes supply-chain install risk.
Credentials
No credentials or environment variables are required and the code does only local fs operations, which is proportional. However metadata lists 'message.send' as a required tool and a primaryEnv of 'node' and includes 'openclaw' under system requires — these metadata entries are unnecessary for a purely local fs skill and raise questions about intended privilege (push notifications) that the code doesn't use.
Persistence & Privilege
always is false and the skill does not request elevated system privileges. The metadata declares a cron trigger (handler onCronTick) but index.js does not export or implement that handler; if the platform attempted to call a missing handler it may error. The hardcoded BASE_DIR means the skill creates/modifies files at a fixed path on disk, which is persistent and should be surfaced to the user.
What to consider before installing
This skill appears to perform only local file writes (no network), but there are several red flags you should address before installing:

  1. The code hardcodes BASE_DIR = '/Users/macbook/Documents/OC_club'. Ask the author to make the base path configurable or confirm it will be changed to a workspace-safe location so it won't create files in an unexpected user path.
  2. Metadata claims message.send and a cron trigger (onCronTick) and the HTML advertises a reminder engine, but index.js does not implement reminder logic or onCronTick; ask the author to either implement or remove those declarations.
  3. The package metadata and registry version numbers conflict. Request a corrected metadata.json and a clear statement of what runtime privileges/tools the skill actually needs.
  4. Because the skill will write files, test it in a sandboxed environment (or point it to an empty test directory) before using with your real Obsidian vault.
  5. If you rely on reminders/notifications, require the author to show the actual code path that uses message.send and explain what data will be sent.

After these clarifications/repairs the skill can be reassessed; as-is the mismatches make it suspicious rather than clearly benign.

Like a lobster shell, security has layers — review code before you run it.

latest vk9755ja2x5jgz3m0r5f9zrwd7n83xaak
94 downloads
0 stars
1 version
Updated 4w ago
v1.0.0
MIT-0

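Core features

  1. Semantically recognizes user input, automatically splits input that contains multiple items, and writes each item to the corresponding Obsidian note by category
  2. Supports four content categories: work to-dos, life to-dos, work records, and ideas
  3. After a work to-do is marked complete, it is automatically archived to the corresponding work record
  4. Guards against accidental triggering, blocks duplicate content, and falls back to automatically creating missing files

Required permissions

  • filesystem (file system read/write permission)

Trigger rules

  • Only to-do items, work records, and idea or memo content trigger the skill
  • Questions, small talk, system instructions, and other non-record content do not trigger it
  • When classification confidence is <90%, the skill asks for classification confirmation using a fixed prompt and does not write on its own

Category definitions

  1. Work to-do: work-related tasks to be completed in the future that need follow-up through to closure
  2. Life to-do: personal-life matters to be completed in the future that need follow-up through to closure
  3. Work record: completed work-related items, running logs, and retrospectives; no follow-up needed
  4. Idea note: ideas, creative thoughts, and memos with no explicit action requirement; kept for reference only

Write format

All content is appended to the end of the file without overwriting existing content; each category carries its own date, time, and standardized format.

How it is triggered

Triggered directly by natural conversation; no fixed prefix is required.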
