Skill v0.1.2

ClawScan security

Notes Export Api · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 21, 2026, 3:34 AM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill is internally coherent: it reads local Markdown/images and uploads them to a notes-export service (local if available, otherwise a specific remote host) to produce PNGs — the behavior matches its description and the requested footprint is proportional.
Guidance
This skill will read local Markdown and image files and upload any local images to a notes-export backend; by default it prefers a local service at http://127.0.0.1:18080 but will fall back to https://notes.fangyuanxiaozhan.com if the local service is absent, or to whatever you set in NOTES_EXPORT_API_BASE_URL in a .env file. Before installing or running: (1) review or run the remote service code if you plan to use the remote host, or run a local instance to avoid sending files off-host; (2) inspect any .env files in your repo/skill directory because the script sources them (they may contain secrets you don't want in the process environment); (3) do not pass sensitive images or private data to the tool unless you trust the target service; (4) if you need offline-only processing, consider modifying the script to disable network uploads or host your own export service.

Review Dimensions

Purpose & Capability
ok: The name/description (export Markdown to a Smartisan-style note PNG) match the included script and SKILL.md. The script probes a local service and falls back to a named remote endpoint and uploads local images to the same backend — this is expected for a remote-export workflow.
Instruction Scope
note: The runtime instructions and script read Markdown files, resolve local image paths, upload image files to the backend (/api/images/import), and submit the processed Markdown to /api/export. This is within scope, but it means local image file contents and Markdown are transmitted to the remote service when the local service isn't available.
Install Mechanism
ok: No install steps or third-party downloads — instruction-only with an included shell+python script. No installers or archive extraction are used.
Credentials
note: The skill declares no required environment variables or credentials (consistent). The script will source .env files in the repository root and skill directory (using set -a) to pick up NOTES_EXPORT_API_BASE_URL; although sourcing is reasonable for configuring endpoint overrides, it will export variables from .env into the environment — inspect those files before use to avoid unintentionally exposing secrets to the running process.
Persistence & Privilege
ok: The skill is not always-enabled and does not request any elevated or persistent system presence. It does not modify other skills or system-wide settings.