Scan Report
20/100
lark-openclaw-bridge
Personal memo assistant, triggered when the user message starts with `/private-secretary` or `/ps`. Features: 1. Automatically classifies and appends user input to the corresponding Markdown file in `~/.memo`. 2. Automatically re-classifies and reorganizes all memos under `~/.memo` when the input is 'rearrange'
Single-file SKILL.md describes a memo-classification tool that writes Markdown files to ~/.memo using shell commands, but references a non-existent 'exec' tool not in the allowed-tools mapping and never declares the shell:WRITE permission required.
Safe to install
Rename the 'exec' tool reference to 'Bash' to match the actual allowed-tool name, and explicitly declare filesystem:WRITE + shell:WRITE in the SKILL.md header capabilities section so the permission grant is auditable.
Findings (2 items)
| Severity | Finding | Location |
|---|---|---|
| Low | Undeclared shell:WRITE permission (Doc Mismatch) | SKILL.md:1 |
| Low | Reference to non-existent 'exec' tool (Doc Mismatch) | SKILL.md:19 |

| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | WRITE | ✓ Aligned | SKILL.md: mkdir -p ~/.memo; printf ... >> ~/.memo/{{category}}.md |
| Shell | NONE | WRITE | ✓ Aligned | SKILL.md: 'Use the exec tool to run shell commands' — shell:WRITE permission is … |
File Tree
1 file · 1.6 KB · 31 lines (Markdown: 1 file, 31 lines)
└─ SKILL.md (Markdown)
Security Positives
✓ No malicious code present — only a single Markdown documentation file
✓ No credential harvesting or environment variable enumeration
✓ No network calls, data exfiltration, or C2 communication
✓ No obfuscation, base64 encoding, or anti-analysis patterns
✓ No download-and-execute patterns (curl|bash, wget|sh)
✓ No sensitive file access beyond the intended ~/.memo directory
✓ Behavior (write memos to ~/.memo) is straightforward and matches stated purpose