Lumi Diary

v0.2.0

Your local-first memory guardian and cyber bestie. Lumi collects life fragments — a sigh, a snapshot, a roast — and stitches them into radiant, interactive m...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (local-first memory guardian) match the code and declared permissions. The skill only requires local read/write and an optional LUMI_VAULT_PATH; its features (recording fragments, portraits, export/import capsules, rendering canvases, optional Playwright screenshot) are consistent with that purpose.
Instruction Scope
SKILL.md instructs the agent to call local tools (manage_identity, check_time_echoes, record_fragment, etc.) and to read/write within the vault — this is expected. However, the persona text is long and the package exposes that persona via the MCP adapter (lumi_persona reads SKILL.md). A pre-scan flagged unicode-control-chars in SKILL.md (prompt-injection style pattern); you should review the SKILL.md/persona text for unexpected invisible characters or malicious instructions before enabling the skill.
Install Mechanism
There is no remote download/install step in the skill manifest. Code files and a requirements.txt are bundled in the package (playwright optional). No external or shortened URLs or extraction-from-untrusted-hosts are present in the manifest.
Credentials
Only one environment variable (LUMI_VAULT_PATH) is referenced to set the local vault root; no cloud keys or unrelated secrets are requested. That env var is reasonable for a local-first storage skill.
Persistence & Privilege
The skill does not request always:true and does not modify other skills' configs. It runs as a normal skill (can be invoked autonomously) and includes an optional MCP server adapter — running the MCP server is an explicit action, not automatic.
Scan Findings in Context
[unicode-control-chars] unexpected: A prompt-injection scanner flagged unicode control characters in SKILL.md. The changelog claims earlier removals of such characters, but the pre-scan still detected them. This is not required for the skill's functionality and should be inspected (they can be used to hide or alter persona instructions).
Assessment
Things to check before installing:
- Inspect SKILL.md (system_prompt/persona) for invisible characters or unexpected instructions (the scanner flagged unicode control characters). Remove or sanitize any suspicious control characters.
- Confirm LUMI_VAULT_PATH defaults to a local, non-sensitive folder (do NOT point it at system directories or any cloud-mounted sensitive paths).
- If you plan to run the MCP server (mcp_server.py), understand it opens an interface for local MCP-compatible clients; only enable it if you trust the clients on your machine/network.
- When importing .lumi capsules, review their contents before import to avoid introducing unexpected files; the code claims sanitization, but manual review is prudent.
- Playwright is optional and only used for PNG exports; install it only if you need screenshot export and run it in a low-privilege environment.

Overall this package reads/writes only to its vault and does not request external credentials—appropriate for a local-first diary—but you should still review the persona text and vault path choices before enabling the skill.

Like a lobster shell, security has layers — review code before you run it.
