Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
SiYuan Note
v1.0.3
SiYuan Note (思源笔记) API client - Complete notebook, document and block management
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description match the code and instructions: this is a local HTTP API client for SiYuan Note. Required binary is python3 and the client expects an API token in a local config file. No unrelated credentials, services, or binaries are requested.
Instruction Scope
SKILL.md and the included CLI tools instruct the agent to talk to a SiYuan HTTP API (default http://127.0.0.1:6806), read config.yaml under the skill workspace, and perform notebook/document/block operations. The instructions and code only read the declared config path and interact with the SiYuan API; writing exported Markdown files to disk is expected for export functionality.
Install Mechanism
There is no external install spec (instruction-only). Code files are bundled with the skill. No remote downloads, package installs, or archive extractions are performed by the skill itself.
Credentials
No environment variables or unrelated credentials are requested. The API token is stored in a config.yaml file under the skill workspace (~/.openclaw/workspace/skills/siyuan/config.yaml) which is appropriate for a local client. The code does not attempt to access other system credentials or config paths.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide settings. It runs on demand (user-invocable) and can be invoked autonomously by the agent per platform defaults — this is normal for skills of this type.
Scan Findings in Context
[unicode-control-chars] unexpected: A pre-scan flagged unicode control characters in SKILL.md. The repository's changelog claims this was checked and Chinese/UTF-8 characters are normal; this is likely a false positive (or innocuous invisible chars in metadata). Still, inspect SKILL.md and other docs for hidden/control characters before trusting or redistributing the token-containing config file.
Assessment
This skill appears to do exactly what it claims: it is a local API client for SiYuan Note and only needs python3 plus your SiYuan API token stored in a config.yaml under the skill's workspace. Before installing:
1) Verify you actually run SiYuan locally and that base_url points to 127.0.0.1 (or a host you trust).
2) Inspect SKILL.md and bundled code for any unexpected network endpoints (the code defaults to local host only).
3) Store your API token in the config.yaml file mentioned, and avoid putting the token into shared or public places.
4) The scanner found possible hidden unicode control characters in SKILL.md — open the file in a text editor to confirm there are no suspicious invisible instructions.
5) Because the registry lists the source as unknown, if you want higher assurance compare the included code to the official SiYuan client/repo linked in the README/Homepage and prefer installing from an upstream repo you trust.
If you are uncertain, run the tools in a restricted or sandboxed environment.
config.example.yaml:10
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🧠 Clawdis
Bins: python3
