Research Logger

Advisory. Audited by static analysis on May 11, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

A crafted research topic could cause the skill to run unintended local code before it performs the web search.

Why it was flagged

The user-controlled TOPIC value is interpolated directly into the Python source string passed to python3 -c: the shell expands $TOPIC inside the double-quoted source before Python ever parses it. A topic containing a single quote followed by Python syntax closes the string literal, and whatever follows runs as Python under the user's account.

Skill content
DDG_URL="https://api.duckduckgo.com/?q=$(python3 -c "import urllib.parse; print(urllib.parse.quote('$TOPIC'))")&format=json&no_html=1"
Recommendation

Do not embed the topic inside Python source. Pass it as a separate argument or through an environment variable, for example python3 -c with sys.argv or os.environ, so the interpreter receives it as data rather than code, and validate inputs before command execution regardless.

Concern (Medium Confidence)
ASI05: Unexpected Code Execution
What this means

A maliciously crafted topic or web-search result could corrupt the generated note or potentially cause command execution during template rendering.

Why it was flagged

Search-result text and user inputs are inserted directly into the sed replacement without escaping sed metacharacters: the delimiter character |, the ampersand & (which re-inserts the matched text), backslashes, and newlines. A value containing the delimiter terminates the replacement early, so the rest of the value is parsed as substitution flags and further sed commands; with GNU sed, the e flag and the e command execute the pattern space as a shell command, which turns this from note corruption into command execution. SUMMARY has its newlines stripped by tr, but TOPIC is inserted as typed.

Skill content
SUMMARY=$(cut -f3 "$SEARCH_FILE" | head -3 | tr '\n' ' ' | sed 's/ $//') ... sed -e "s|{topic}|${TOPIC}|g" -e "s|{summary}|${SUMMARY}|g" ... "$TEMPLATE" > "$OUTPUT"
Recommendation

Use a templating approach that treats all topic and search-result text strictly as data (literal string substitution in the shell, or values handed to a script through argv or environment variables), or rigorously escape every sed replacement value, covering backslash, the delimiter, &, and newlines, before constructing the sed expression.
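The three renderings below, as an added example that is not part of the skill or of ClawScan's report: the advisory's unescaped sed substitution, a version that escapes every replacement metacharacter, and a version that never hands the values to sed. It assumes a POSIX sed (backslash-newline in a replacement inserts a newline); the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the Research Logger skill's own code: the advisory's
# sed rendering with unescaped values, a rendering that escapes every sed
# replacement metacharacter, and a rendering that never passes the values
# through sed. Function names are assumptions for illustration.

# Vulnerable pattern from the advisory: values land unescaped in the
# replacement. A '|' ends the replacement early and the rest of the value
# becomes flags and further sed commands; '&' re-inserts the match.
render_unsafe() {   # render_unsafe TEMPLATE TOPIC SUMMARY
    printf '%s\n' "$1" | sed -e "s|{topic}|$2|g" -e "s|{summary}|$3|g"
}

# Escape a value for use as the replacement of s|pat|repl|g: backslash,
# the '|' delimiter and '&' get a backslash prefix, and every embedded
# newline becomes backslash-newline, the one form sed accepts there.
sed_escape_repl() {
    printf '%s' "$1" | sed -e 's/[\\|&]/\\&/g' -e '$!s/$/\\/'
}

render_escaped() {   # render_escaped TEMPLATE TOPIC SUMMARY
    topic=$(sed_escape_repl "$2")
    summary=$(sed_escape_repl "$3")
    printf '%s\n' "$1" | sed -e "s|{topic}|${topic}|g" -e "s|{summary}|${summary}|g"
}

# Data-as-data alternative: literal substitution with shell parameter
# expansion. The value is never parsed by sed, so nothing needs escaping.
replace_literal() {   # replace_literal TEXT NEEDLE REPLACEMENT
    text=$1 needle=$2 repl=$3 out=
    [ -n "$needle" ] || { printf '%s' "$text"; return; }
    while :; do
        case $text in
            *"$needle"*)
                out="$out${text%%"$needle"*}$repl"
                text=${text#*"$needle"}
                ;;
            *)
                out="$out$text"
                break
                ;;
        esac
    done
    printf '%s' "$out"
}

render_literal() {   # render_literal TEMPLATE TOPIC SUMMARY
    r=$(replace_literal "$1" '{topic}' "$2")
    r=$(replace_literal "$r" '{summary}' "$3")
    printf '%s\n' "$r"
}

# Usage when run directly, with constructed values containing the
# metacharacters the advisory lists: the unsafe call either corrupts the
# note (via '&') or aborts sed (via '|'); the other two render verbatim.
render_unsafe  'Topic: {topic} / Summary: {summary}' 'a&b' 'x' 2>/dev/null
render_escaped 'Topic: {topic} / Summary: {summary}' 'a|b' 'c&d\e'
render_literal 'Topic: {topic} / Summary: {summary}' 'a|b' 'c&d\e'
```

Escaping the delimiter is what closes the command-execution path, because the flags and any following command (including GNU sed's e) can only be reached by ending the replacement early. The literal-substitution form is still preferable: it has no escaping table to keep complete.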

What this means

The skill can add generated content to Bear notes when the agent follows the documented workflow.

Why it was flagged

The documented workflow creates a Bear note from generated markdown. This is purpose-aligned, but it mutates a local notes application using content partly derived from web results.

Skill content
cat /tmp/research_note.md | grizzly create --title "Quantum Computing Research" --tag research
Recommendation

Review the generated markdown before saving it to Bear, especially if the topic or search results came from untrusted sources.

What this means

The skill may fail or may use whatever grizzly/gifgrep/curl/python3 binaries are already on the user's PATH.

Why it was flagged

The skill relies on external/local tools, while the registry requirements list no required binaries and there is no install spec. This is an under-declared dependency issue rather than evidence of hidden installation.

Skill content
Dependencies

- OpenClaw agent (for `web_search` / `web_fetch` tool calls)
- `grizzly` CLI for Bear note creation
- `gifgrep` skill for GIF matching
Recommendation

Install dependencies only from trusted sources and ensure the registry metadata accurately declares required tools.