Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clip to Your Vault

v1.0.0

Universal web clipper for Obsidian Vault. Saves content from X/Twitter, WeChat, Douyin, Xiaohongshu, GitHub, and generic web pages. Triggers when user sends...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (an Obsidian web clipper) align with its SKILL.md: it downloads web content and media and writes Markdown into an Obsidian vault. It requires access to the user's filesystem (vault.base_path), which is proportionate to that purpose. However, the registry entry lists no homepage or source, while setup.sh and the README point to a GitHub repo (Gisg/obsidian-clipper); that ownership/source mismatch is worth verifying.
Instruction Scope
Runtime instructions perform network fetches (fxtwitter, down.mptext.top, a vxtwitter fallback, douyin/downloader, defuddle/CDP) and download media into the user's vault; this is expected for a clipper. Concerns: (1) it relies on third-party proxy APIs (fxtwitter, down.mptext.top) that will receive every URL you ask to clip, and the content behind it, and could log them; (2) Douyin handling requires fetching cookies and running Playwright scripts, which is sensitive; (3) SKILL.md instructs the skill to read config.yml from the skill directory and to write files into the user's vault, so make sure the config points at the intended directory. The instructions do not attempt to read unrelated system secrets, but they do send clipped content to external services.
Install Mechanism
There is no formal install spec in the registry, but setup.sh contains a commented one-liner that pipes a raw GitHub URL to bash, and the script itself git-clones https://github.com/Gisg/obsidian-clipper.git into ~/.claude/skills. Fetching and executing remote code (curl | bash) is high risk: the script runs with your user's privileges before you have read it. The clone target is GitHub (a well-known host), but the registry owner differs from the GitHub repo author, an inconsistency to validate before running any installer.
Credentials
The skill declares no required environment variables or credentials. It asks for a config.yml with an absolute vault.base_path and optional proxy/tool paths; that is reasonable and proportionate. Be aware that the optional flows (Douyin cookie fetching, a CDP URL, an Xiaohongshu proxy) may require additional local tools, configuration, and cookies; those cookies are session credentials for the services involved and should be treated as such, but the skill does not request unrelated secrets.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. The installer clones into the user's ~/.claude/skills directory and creates symlinks and a local config file, which is normal for a skill. It does not request to modify other skills or system settings beyond placing files under the user's home directory.
What to consider before installing
Before installing, verify the authoritative source: confirm that the GitHub repo (https://github.com/Gisg/obsidian-clipper) is the intended upstream and that the registry publisher legitimately links to it. Do NOT run any curl | bash one-liner unless you trust the repo and have inspected the script; download the installer to a file and read it first. Inspect the repository contents (especially any scripts beyond SKILL.md) for unexpected network calls or data exfiltration. Decide whether you are comfortable with the third-party proxy endpoints (fxtwitter, down.mptext.top, vxtwitter, etc.) seeing the URLs and content you clip; if not, avoid those handlers or run the skill in a sandbox. When configuring, set vault.base_path to a dedicated directory and review the files the skill writes there. If you need higher assurance, clone the repo manually and inspect the code before enabling the skill, or ask the publisher to provide a homepage/source that matches the registry owner.
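The install-mechanism finding and the checklist above can be turned into an offline audit you run on a checkout before enabling anything. The script below is an added example written for this page, not code from the skill, its repository, or the ClawHub scanner. It assumes you have already saved the installer to a file and cloned the repository into a scratch directory without executing either; every function name is a hypothetical helper, and the sample skill tree, hosts, and repo URL it builds are constructed placeholders rather than the real skill's contents.

```shell
#!/bin/sh
# Added example (not part of the skill or of ClawHub): offline pre-install
# audit of a skill checkout. Assumes the installer was saved and the repo
# cloned into a scratch directory WITHOUT executing anything.
# All function names are hypothetical helpers written for this page.

# Every external host the skill's files reference (SKILL.md, scripts, README).
# Decide whether you are comfortable with each of them seeing clipped URLs.
skill_endpoints() {
  LC_ALL=C grep -rhoE 'https?://[A-Za-z0-9._-]+' "$1" 2>/dev/null \
    | sed -E 's#^https?://##' | LC_ALL=C sort -u
}

# Lines that pipe fetched content straight into a shell (curl ... | bash,
# wget -O- ... | sh). Commented-out one-liners are reported too, because a
# README or setup.sh comment is exactly where users copy them from.
skill_pipe_to_shell() {
  grep -rnE '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|z)?sh([[:space:]]|$)' "$1"
}

# The git clone target hard-coded in an installer, so it can be compared with
# the upstream the registry entry claims (or, as on this page, fails to claim).
installer_clone_url() {
  sed -nE 's/.*git[[:space:]]+clone[[:space:]]+(https?:\/\/[^[:space:]]+).*/\1/p' "$1" | head -n1
}

# vault.base_path from config.yml must be absolute, must exist, and must be a
# dedicated directory rather than $HOME or /: the skill writes files there.
vault_path_ok() {
  p=$(sed -nE 's/^[[:space:]]*base_path:[[:space:]]*"?([^"#]+)"?.*$/\1/p' "$1" \
        | head -n1 | sed -E 's/[[:space:]]+$//')
  case "$p" in
    /*) ;;
    *)  echo "base_path is not absolute: '$p'" >&2; return 1 ;;
  esac
  if [ "$p" = "/" ] || [ "$p" = "$HOME" ]; then
    echo "base_path must be a dedicated directory, not $p" >&2; return 1
  fi
  [ -d "$p" ] || { echo "base_path does not exist: $p" >&2; return 1; }
}

# Constructed sample skill tree so the audit runs stand-alone; the hosts and
# repo URL are placeholders, not the real skill's contents.
make_sample_skill() {
  d=$(mktemp -d)
  mkdir -p "$d/vault"
  cat > "$d/setup.sh" <<'EOF'
#!/bin/sh
# Quick install: curl -fsSL https://raw.githubusercontent.com/example/skill/main/setup.sh | bash
git clone https://github.com/example/skill.git "$HOME/.claude/skills/skill"
EOF
  cat > "$d/SKILL.md" <<'EOF'
Resolve posts through https://clip-proxy.example.com/ and download media from https://media.example.org/.
EOF
  printf 'vault:\n  base_path: %s\n' "$d/vault" > "$d/config.yml"
  echo "$d"
}

# Usage: audit_skill <skill-checkout-dir>
audit_skill() {
  echo "== external hosts referenced =="; skill_endpoints "$1"
  echo "== pipe-to-shell one-liners =="; skill_pipe_to_shell "$1" || echo "(none)"
  echo "== installer clone target =="; installer_clone_url "$1/setup.sh"
  echo "== vault.base_path check =="; vault_path_ok "$1/config.yml" && echo "ok"
}

# Run with --demo to audit the constructed sample tree.
if [ "${1:-}" = "--demo" ]; then
  audit_skill "$(make_sample_skill)"
fi
```

Point audit_skill at your own scratch clone instead of the sample; the host list is what you weigh against the proxy concern above, the clone target is what you compare with the repo the registry should have linked, and the base_path check is the "dedicated directory" step from the checklist.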

Like a lobster shell, security has layers — review code before you run it.

latest: vk97d7t1t2bh22gxfdc2pg6jn5h841syd
