ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mood Tracker

v1.0.0

Mood Tracker — Mood Tracker — monitor emotional wellbeing. Personal daily-use tool for tracking and organizing your life. Use when you need Mood Tracker capa...

0· 230·0 current·0 all-time
bybytesagain4@xueyetianya
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: a local mood tracker. One minor inconsistency: SKILL.md lists runtime: python3 and the script uses python3 for small snippets, but the top-level entrypoint is a bash script — the registry metadata lists no required binaries while the code actually needs a POSIX shell and python3.
Instruction Scope
Runtime instructions and the script operate on local files only (default $HOME/.moods or $MOOD_DIR). The commands read/write JSON and markdown journal files and produce local summaries. There are no network calls, hidden endpoints, or attempts to read unrelated system files. (Minor note: tips.md mentions 'export' but no export command exists in the script.)
Install Mechanism
No install spec — this is instruction-only with an included script. That is low-risk since nothing is downloaded or installed automatically. The script will execute locally if the user runs it.
Credentials
No required environment variables or credentials. The script honors an optional MOOD_DIR env var to change the storage location, which is proportionate to its function. No sensitive credentials are requested or used.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent platform privileges. It only writes its own data under the user's chosen directory and does not modify other skills or system-wide configuration.
Assessment
This script is a local-only mood tracker that creates ~/.moods/moods.json and journal files (or a directory you set with MOOD_DIR). It does not contact external servers or request credentials. Before using: (1) verify you have python3 and a POSIX shell available, (2) inspect the script if you want to be sure it meets your policies, (3) consider setting MOOD_DIR if you prefer the data stored somewhere other than your home directory, and (4) back up or export your data if you need portability. Note the small metadata/instruction inconsistencies (runtime declared as python3 while the script is bash + python snippets) — these are likely harmless but worth correcting.

Like a lobster shell, security has layers — review code before you run it.

latestvk972jg5ncqnbjpfa3pejw5zdh182tgpb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments