Flomo Notes
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: flomo-notes
Version: 0.1.0
The skill is designed to save user-provided notes to Flomo via a user-configured webhook. The `SKILL.md` provides clear instructions for the agent to execute `scripts/save_to_flomo.sh` with the note text. The `save_to_flomo.sh` script safely handles user input by using `python3` for JSON encoding, preventing shell or JSON injection, and then uses `curl` to POST the data to the `FLOMO_WEBHOOK_URL` provided by the user. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the agent. All actions are directly aligned with the stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the webhook URL is exposed, another person could add notes to the user's Flomo inbox.
The webhook URL is a delegated credential that authorizes posting into the user's Flomo inbox. This is disclosed and necessary for the stated purpose, but it is still a permission boundary the user should protect.
`FLOMO_WEBHOOK_URL` (required) ... Treat the webhook URL like a secret: anyone with it can post into your Flomo inbox.
Store the webhook only in protected per-skill config or environment variables, and rotate it if it appears in logs or shared files.
The note text will leave the local environment and create a Flomo entry at the configured webhook destination.
The script reads note content from stdin and posts it to the configured webhook. This is purpose-aligned, but SKILL.md documents argument-based invocation, so stdin handling should be explicit to avoid failed or unintended sends.
NOTE="$(cat)" ... curl -sS -X POST "$FLOMO_WEBHOOK_URL" ... -d "$JSON_PAYLOAD"
Use the skill only for content the user explicitly wants saved, verify the webhook URL, and update the docs or script so note input is passed consistently.
Installation may appear complete even though the skill will fail until the webhook URL and required local tools are available.
The registry metadata does not declare the webhook credential or runtime binaries, while the included artifacts require FLOMO_WEBHOOK_URL and call curl and python3. This is an under-declared setup requirement, not evidence of hidden behavior.
Required binaries (all must exist): none ... Required env vars: none ... Primary credential: none
Declare FLOMO_WEBHOOK_URL, curl, and python3 in the skill metadata or installation requirements.
