Diary Force
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Diary Force is a coherent diary/analysis tool, but it can store personal diary content in long-term memory and run broad Git push commands that may upload more than the intended diary files.
Install only if you are comfortable with a scheduled diary assistant that can write local diary/memory files and use your Git/OpenCode setup. Before enabling cron or running analysis, edit the paths, inspect what repository would be pushed, and remove or narrow the `git add . && git push` behavior.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the Git repository contains other private notes or changed files, this workflow may commit and push them to the configured remote.
The script changes to the parent of the memory directory and stages all files with `git add .` before pushing, which can include unrelated notes or vault files rather than only the diary or memory entry.
os.chdir(MEMORY_PATH.parent)
os.system('git add . && git commit -m "memory: sync {}" && git push'.format(date))
Limit Git operations to the exact diary or memory files, show a diff before committing, and require explicit user confirmation before any push.
The skill can mutate a remote Git repository using the user's existing Git identity, possibly without the user realizing which account or repository is being used.
Running `git push` uses whatever Git account, remote, and credentials are already configured locally, but the skill metadata declares no credential requirement or permission boundary.
os.system('git add . && git commit -m "memory: sync {}" && git push'.format(date))
Declare the Git privilege requirement, restrict the remote/repository explicitly, and ask for approval before committing or pushing.
A crafted diary input could potentially interfere with command execution depending on the operating system and shell behavior.
User-controlled diary input is inserted into a prompt that is passed to a subprocess with `shell=True`, which unnecessarily exposes the command to shell parsing risk.
prompt = THINKING_PROMPT.format(user_input=user_input)
subprocess.run(["opencode", "run", "--model", "opencode/minimax-m2.5-free", prompt], ..., shell=True)
Use `shell=False`, pass the prompt via stdin or a safely quoted argument, and validate inputs before invoking external commands.
Private diary details may be stored in long-term memory and later reused or synchronized beyond the immediate diary task.
The script can write the full diary content into a long-term memory path, rather than clearly limiting storage to extracted insights or providing retention controls.
MEMORY_PATH = Path("D:/ObsidianVault/ChuQuan/memory")
...
memory_file.write_text(content, encoding='utf-8')
Store only user-approved summaries, make the memory path configurable, document retention behavior, and provide an easy way to disable memory writes.
Diary content may leave the local environment for model analysis, depending on the OpenCode configuration.
The thinking-model analysis sends the diary-derived prompt to OpenCode/model tooling. This is disclosed and purpose-aligned, but diary entries can be sensitive.
["opencode", "run", "--model", "opencode/minimax-m2.5-free", prompt]
Review OpenCode's privacy and account settings before using this with sensitive diary entries, and consider a local-only analysis option.
If enabled, the skill may run every night and perform diary, memory, and Git actions without a fresh manual launch.
The skill documents a persistent nightly cron trigger. This is central to the stated habit-reminder purpose, but it means the workflow can run repeatedly in the background once configured.
- schedule: "0 23 * * *"
  command: "python scripts/diary_force.py auto"
Enable the cron schedule only if you want automatic nightly operation, and remove or disable the cron entry to stop it.
Users may not realize they need extra tools installed, and behavior may vary based on the locally installed OpenCode and Git configuration.
The documentation depends on external local tools, including the latest OpenCode CLI, while the registry metadata lists no required binaries or install spec.
Python | 3.10+ | Runtime environment
Git | Any | Version control
OpenCode CLI | Latest | Thinking-model analysis
Declare required binaries in metadata, pin or document supported tool versions, and install only from trusted sources.
