Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Evernote Yinxiang
v1.0.0
Yinxiang (Evernote China) integration skill. Used to create, read, search and delete notes, and to manage notebooks and tags. Triggered when the user mentions "印象笔记" (Yinxiang), "evernote", "创建笔记到印象笔记" (create a note in Yinxiang), "搜索印象笔记" (search Yinxiang), "查看笔记" (view notes), "笔记同步" (note sync) or "保存到印象笔记" (save to Yinxiang). Depends only on requests; no Evernote SDK installation required.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The SKILL.md claims the skill uses only requests and does not require the evernote SDK, but scripts/yinxiang.py imports thrift, evernote.edam modules and certifi. That is inconsistent: the code depends on the Evernote Thrift-based interfaces (and an Evernote SDK package) rather than a simple REST requests client.
Instruction Scope
SKILL.md documents RESTful endpoints and Authorization: Bearer <Token> usage, but the code constructs a Thrift note_store URL (https://{host}/edam/note/{user_id}) and uses a Thrift THttpClient with custom headers. The instructions and the implementation disagree about the API shape and the auth semantics. The runtime instructions do direct the user to place YINXIANG_TOKEN in a .env and to run the script, and the code does read that file — but the mismatch between the documentation and the code is a scope/integration inconsistency.
Install Mechanism
There is no install spec, yet the script requires external Python packages (thrift, evernote SDK package providing evernote.edam.*, and certifi). Without declared installation steps, an agent or user may need to pip-install packages from PyPI — the skill should declare dependencies or provide a vetted install path. The absence of an install mechanism plus undisclosed dependencies is a risk and operational surprise.
Credentials
Only a single account token (YINXIANG_TOKEN) is used, which aligns with the skill's purpose. However, the SKILL.md explicitly warns the token grants full account access; because the code will send that token to the Evernote/Yinxiang host and uses it with Thrift calls, the token is sensitive. The skill does not request unrelated credentials or config paths.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and has no install-time persistence spec. It reads a local .env in its own directory and environment variables — normal for this type of CLI integration.
What to consider before installing
This skill contains mismatches between its documentation and actual code. Before installing or running it: (1) Confirm the source/origin — there is no homepage or repository link. (2) Inspect and trust the required Python packages (thrift, the evernote SDK package providing evernote.edam.*, and certifi) before installing; prefer installing them in an isolated virtualenv or sandbox. (3) Be aware YINXIANG_TOKEN grants full account access — do not reuse a high-privilege token for testing. (4) Ask the publisher to clarify and update SKILL.md (requests vs Thrift, REST endpoints vs edam endpoints) and to provide a proper install spec (requirements.txt or pip/packaging instructions). (5) If you cannot validate the origin or dependencies, avoid installing or run only in a locked-down environment. If you proceed, verify file permissions on the .env and consider creating a dedicated, limited test account/token.
Like a lobster shell, security has layers — review code before you run it.
