Workflowy

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a clear Workflowy CLI integration, but it needs your Workflowy API key and can read, edit, bulk-change, or delete items in your outline.

Install this only if you trust the external Workflowy CLI and are comfortable giving it API access to your outline. Protect the API key, prefer node-scoped reads when possible, and require confirmation before any command that creates, updates, moves, transforms, bulk-replaces, completes, uncompletes, or deletes content.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent runs an edit, delete, move, transform, or replace command incorrectly, Workflowy content could be changed or removed.

Why it was flagged

The skill documents destructive and bulk-editing commands. This is purpose-aligned for a Workflowy editor and the delete/bulk risks are disclosed, but misuse could affect many outline items.

Skill content

workflowy delete <item-id> ... # Delete a node (includes its children!) ... workflowy replace --dry-run "foo" "bar" ... workflowy replace --interactive "foo" "bar"

Recommendation

Ask for explicit confirmation before any write, move, delete, transform, or bulk replace command; prefer dry-run or interactive mode for bulk operations.

What this means

Anyone or anything that can use this key through the CLI may be able to access and modify the user’s Workflowy outline.

Why it was flagged

The skill requires a Workflowy API credential. This is expected and disclosed, and the setup recommends restrictive file permissions, but the credential enables account-level outline access through the CLI.

Skill content

Get your API key at https://workflowy.com/api-key/, save it to `~/.workflowy/api.key` ... Alternatively, set the `WORKFLOWY_API_KEY` environment variable

Recommendation

Store the key securely, keep the key file at mode 600 (`chmod 600`), revoke or rotate the key if it may have been exposed, and only install this skill where you trust the local environment.

What this means

The behavior of the installed `workflowy` binary is determined by the external package source, not by the SKILL.md alone.

Why it was flagged

The skill depends on an external Homebrew-installed CLI rather than code included in the artifact set. This is normal for a CLI wrapper, but users are relying on the upstream formula and binary/source provenance.

Skill content

brew | formula: mholzen/workflowy/workflowy-cli | creates binaries: workflowy

Recommendation

Review or trust the upstream Homebrew formula and GitHub project before installing, and keep the CLI updated from a trusted source.

What this means

Large portions of a private Workflowy outline could be exposed to the local agent session or CLI cache when full-tree methods are used.

Why it was flagged

The skill can retrieve broad Workflowy outline content through full-tree export and backup/offline methods. That is useful for search, reports, and bulk operations, but may bring private notes into agent context or cached/offline data flows.

Skill content

`--method=export` | Fast (cached) | ~1 min | Full tree access ... `--method=backup` | Fastest | Stale | Bulk ops, offline

Recommendation

Use specific node queries when possible, avoid full-tree export or backup for highly sensitive outlines unless necessary, and do not treat retrieved outline text as trusted instructions.