Skill v1.0.0

ClawScan security

diary-conversation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Mar 3, 2026, 1:29 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's purpose (guided diary creation with image support) matches most of its files and instructions, but there are implementation and scope inconsistencies you should understand before installing.
Guidance
This skill appears to be what it says: a local diary assistant that writes Markdown files and saves images under a journals/ directory. Before installing, consider:

1) The agent will create and modify files (journals/YYYY-MM/*.md and journals/index.json) and save uploaded images to journals/YYYY-MM/images/. Ensure you are comfortable with those filesystem writes and their location.
2) The SKILL.md and references assume external tools (e.g., ImageMagick's convert, shell commands, and a scripts/update_index.py) that are not declared or bundled; thumbnail generation and some example commands may fail unless those tools/scripts are present.
3) The included save_image implementation prints paths but does not actually copy files; other referenced helper scripts are missing. The implementation is partially illustrative, so behavior may differ from the docs.
4) The guidance to 'directly modify' user content when asked risks the agent making edits without reconfirmation. Prefer explicit confirmation before writes.
5) Images and local file paths can contain sensitive data; enable encryption/backup and restrict sharing if needed.

If you want this skill, test it in a controlled directory, verify which external tools are required, and confirm explicit prompts/consent for each write operation. If any cloud backup features will be enabled, configure them yourself and supply credentials only when you trust the destination.

Review Dimensions

Purpose & Capability
ok
Name/description, SKILL.md, references and the included Python script are all consistent with a local diary-creation skill that guides conversation, generates prose, stores Markdown files and images, and maintains an index. The declared required permissions and dependencies are minimal (none), which fits a local-only diary tool.
Instruction Scope
concern
The runtime instructions direct the agent to create directories, write Markdown files, save images into journals/YYYY-MM/images/, and update journals/index.json. That is expected, but SKILL.md also: (1) encourages modifying files directly when a user requests edits ('直接改,不要问"您想修改哪里"', i.e. "Edit directly; don't ask 'which part would you like to change?'"), which could cause the agent to make filesystem changes without explicit per-change confirmation; (2) references processing outside the included code (thumbnail generation using 'convert', an external scripts/update_index.py) and assumes access to local file paths or downloads from URLs. These behaviors expand the agent's read/write scope on the local filesystem and rely on external tools not declared in the requirements.
Install Mechanism
ok
This is an instruction-only skill with no install spec and no downloads. That is low risk; nothing will be written to disk beyond the script files that come bundled. However, optional commands in the docs (ImageMagick 'convert', cp, tar) are referenced but not enforced.
Credentials
ok
The skill requests no environment variables, no credentials, and no config paths. That is proportionate for a local diary and image-saving tool. References mention optional cloud backups requiring user configuration, but cloud access is not required by the skill as provided.
Persistence & Privilege
note
The always flag is set to false and the skill doesn't request elevated system privileges. It does write and update files under a journals/ directory (creates directories, writes index.json), which is expected. Autonomous model invocation is allowed by default (disable-model-invocation: false). This is normal for skills, but it means the agent could autonomously perform the file I/O behaviors described unless restricted by the platform.