Security scan
OpenClaw
Suspicious
medium confidence
The skill is largely coherent with a local-only journaling tool, but several utility files needed to fully verify the 'LOCAL-ONLY / no network calls' claim were omitted from the provided review and warrant inspection before trusting the skill.
Assessment recommendations
This skill behaves like a local journal CLI and most visible code is consistent with that claim, but you should do two quick checks before installing or running it with real data: (1) Inspect the omitted utility files (utils/storage.py, utils/task_storage.py, maybe timezone) to confirm they do not perform any network calls, invoke unexpected binaries, or read unrelated system paths or environment variables. (2) Confirm that build_customer_dir and related storage functions properly sanitize custo...
✓ Purpose and capabilities
Name/description (local CLI journal, analysis, milestones, insights) align with the included command modules: read/write/search/archive/analyze/insights/task persistence under a per-customer directory. No unrelated cloud credentials or binaries are requested.
ℹ Instruction scope
SKILL.md and the visible command code focus on local file I/O and returning raw structured data to the caller (LLM). This is coherent, but the skill intentionally returns raw journal text and signal counts to the caller — a privacy-sensitive action (exposes potentially very sensitive personal data to the calling LLM). Also, some commands (insights/analyze) include keyword regexes (e.g., 'burnout', 'overwhelm') which surface mental-health-related signals; the code claims not to draw conclusions, but it does surface sensitive indicators for an LLM to interpret.
✓ Install mechanism
No install spec; instruction-only/CLI files are present and nothing will be downloaded or injected during install. This is the lowest install risk.
ℹ Credential requirements
No environment variables, credentials, or config paths are declared or required. However, several utility files referenced by the commands (utils/storage.py, utils/task_storage.py, utils/timezone.py) were omitted from the provided content — those could legitimately access environment variables, external paths, or networking. The lack of declared env vars is appropriate for the stated purpose, but missing utility files prevent a complete verification.
✓ Persistence and privileges
Skill is not always-enabled, does not request elevated system privileges, and appears to confine its I/O to a per-customer directory under the user's home. It does not modify other skills or global agent settings.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v2.5.2 2026/4/11
- Expanded documentation for directory structure and command behaviors.
- Added detailed sections on security model, concurrency, and storage format.
- All destructive operations (`delete`, `archive --clear`) now require a `--force` flag for extra safety.
- Command outputs are now standardized to JSON with `status`, `result`, and `message` fields.
- Skill continues to extract only structural and keyword signals, delegating all interpretation to the caller.
● Harmless
Install command
Official: npx clawhub@latest install opc-journal
Mirror (accelerated): npx clawhub@latest install opc-journal --registry https://cn.longxiaskill.com