Low Risk — Risk Score 15/100
Last scan: 16 hr ago
meeting-minutes-retriever
Read meeting minutes or notes from a local file path or URL, or inspect a local meeting-notes directory and report the file count plus file list.
A legitimate meeting minutes retriever skill that uses declared subprocess calls for directory listing and local file/URL reading with no malicious behavior detected.
Skill Name: meeting-minutes-retriever
Duration: 32.9s
Engine: pi
Safe to install
Approve for use. Consider pinning the requests library version for supply chain hygiene.

Findings 2 items

Severity Finding Location
Low
Unpinned requests dependency Supply Chain
scripts/read_meeting_data.py imports requests, but the skill ships no requirements or lock file (the file tree lists six files, none of them a dependency manifest), so whichever requests release happens to be installed on the host is used. A future release could change behavior, or a vulnerable release could be resolved, without any change to the skill itself.
import requests
→ Add a requirements file that pins requests to an exact, tested version (requests==X.Y.Z, ideally with --hash entries so that pip install --require-hashes verifies the downloaded artifact). A lower bound such as requests>=2.28.0 is not a pin: it still resolves to whatever the newest release is at install time.
scripts/read_meeting_data.py:7
Low
SKILL.md frontmatter lacks explicit allowed-tools declaration Doc Mismatch
The skill's YAML frontmatter does not declare allowed-tools, making it unclear which pi tools are authorized. However, the behavior described in the body is well-scoped.
---
name: meeting-minutes-retriever
...
→ Add an allowed-tools list to the frontmatter (e.g., Read, Bash, WebFetch) for clarity.
SKILL.md:1
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ Aligned | SKILL.md declares local file reading; read_meeting_data.py implements os.path.ab…
Network | READ | READ | ✓ Aligned | SKILL.md declares URL fetching; read_meeting_data.py implements requests.get()
Shell | WRITE | WRITE | ✓ Aligned | SKILL.md declares OS-appropriate system commands; list_meeting_files.py uses sub…
Environment | NONE | NONE | - | No os.environ access observed
Clipboard | NONE | NONE | - | No clipboard access
Browser | NONE | NONE | - | No browser automation
Database | NONE | NONE | - | No database access
Skill Invoke | NONE | NONE | - | No cross-skill invocation
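The two findings above and the declared-versus-inferred table are all produced by the same kind of static check: walk each script's AST, map the calls it makes onto resource categories, compare that with what the SKILL.md frontmatter declares, and check that every third-party import is pinned. The script below is an added example of such a lint, not the scanner's own code. Its call-to-resource mapping, the `declares:` frontmatter key and the sample SKILL.md, scripts and (empty) requirements text are all constructed for the example to mirror the behaviors this report describes; it tracks plain attribute chains such as `requests.get`, so aliased imports are out of scope.

```python
"""Static skill lint (added example, not the scanner's code): infers resource use from
each script's AST, compares it with the frontmatter's declarations, checks for an
allowed-tools key, and reports third-party imports that no requirements line pins."""
import ast
import re

# Assumed mapping from call names to the report's resource categories.
RESOURCE_CALLS = {
    "requests.get": "Network", "requests.post": "Network", "urllib.request.urlopen": "Network",
    "open": "Filesystem", "shutil.copy": "Filesystem",
    "subprocess.run": "Shell", "subprocess.Popen": "Shell", "subprocess.check_output": "Shell",
    "os.system": "Shell", "os.getenv": "Environment", "os.environ.get": "Environment",
}
STDLIB = {"os", "sys", "re", "json", "pathlib", "subprocess", "shutil", "urllib", "argparse"}

def dotted_name(node):
    """Render a Call.func such as requests.get as 'requests.get' ('' if not a plain chain)."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""

def infer_resources(source):
    """Return (resources, third_party_imports, lines_using_shell_true) for one script."""
    resources, imports, shell_true = set(), set(), []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            imports.update(alias.name.split(".")[0] for alias in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            imports.add(node.module.split(".")[0])
        elif isinstance(node, ast.Call):
            name = dotted_name(node.func)
            if name in RESOURCE_CALLS:
                resources.add(RESOURCE_CALLS[name])
            # shell=True turns a fixed command into a shell command line: flag it.
            if name.startswith("subprocess.") and any(
                    kw.arg == "shell" and getattr(kw.value, "value", None) is True for kw in node.keywords):
                shell_true.append(node.lineno)
        elif isinstance(node, ast.Subscript) and dotted_name(node.value) == "os.environ":
            resources.add("Environment")
    return resources, imports - STDLIB, shell_true

def parse_frontmatter(text):
    """Minimal YAML frontmatter reader: scalars and inline [a, b] lists only."""
    match = re.match(r"^---\n(.*?)\n---", text, re.S)
    meta = {}
    for line in match.group(1).splitlines() if match else []:
        key, sep, value = line.partition(":")
        value = value.strip()
        if sep and value.startswith("[") and value.endswith("]"):
            meta[key.strip()] = [v.strip() for v in value[1:-1].split(",") if v.strip()]
        elif sep:
            meta[key.strip()] = value
    return meta

def unpinned(imports, requirements):
    """Imports without a 'name==version' line; '>=' is a lower bound, not a pin."""
    specifiers = {}
    for line in requirements.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r"([A-Za-z0-9_.-]+)\s*(==|>=|<=|~=|!=|>|<)?", line)
        if m:
            specifiers[m.group(1).lower()] = m.group(2)
    return sorted(name for name in imports if specifiers.get(name.lower()) != "==")

def lint(skill_md, scripts, requirements):
    """Return (inferred_resources, findings) for the contents of a skill directory."""
    meta = parse_frontmatter(skill_md)
    declared = set(meta.get("declares", []))  # 'declares:' is an assumed frontmatter key
    inferred, imports, shell_lines = set(), set(), []
    for source in scripts.values():
        res, imp, sh = infer_resources(source)
        inferred, imports, shell_lines = inferred | res, imports | imp, shell_lines + sh
    findings = ["Doc Mismatch: frontmatter lacks allowed-tools"] if "allowed-tools" not in meta else []
    findings += [f"Doc Mismatch: {r} used but not declared" for r in sorted(inferred - declared)]
    findings += [f"Doc Mismatch: {r} declared but not observed" for r in sorted(declared - inferred)]
    findings += [f"Supply Chain: {p} not pinned to an exact version" for p in unpinned(imports, requirements)]
    if shell_lines:
        findings.append(f"Shell: subprocess called with shell=True at lines {shell_lines}")
    return inferred, findings

# Constructed sample inputs mirroring the report's description (not the skill's real files).
SKILL_MD = "---\nname: meeting-minutes-retriever\ndeclares: [Filesystem, Network, Shell]\n---\nBody.\n"
SCRIPTS = {"read_meeting_data.py": """\
import os, requests
def read(target):
    if target.startswith("http"):
        return requests.get(target, timeout=10).text
    with open(os.path.abspath(target), "rb") as f:
        return f.read()
""", "list_meeting_files.py": """\
import subprocess
def list_files(d):
    return subprocess.run(["find", d, "-type", "f"], capture_output=True, text=True).stdout
"""}
REQUIREMENTS = ""  # the skill ships no requirements file, so nothing is pinned
```

Running `lint(SKILL_MD, SCRIPTS, REQUIREMENTS)` on the constructed inputs reproduces the report's two findings (missing allowed-tools, unpinned requests) and an aligned Filesystem/Network/Shell set; feeding `unpinned` a `requests>=2.28.0` line still reports it, which is why a floor is not a remediation for the supply-chain finding.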

File Tree

6 files · 10.9 KB · 271 lines
Python 2f · 186L Markdown 1f · 79L YAML 1f · 4L Text 2f · 2L
├─ 📁 agents
│ └─ 📋 openai.yaml YAML 4L · 329 B
├─ 📁 scripts
│ ├─ 🐍 list_meeting_files.py Python 124L · 3.9 KB
│ └─ 🐍 read_meeting_data.py Python 62L · 2.2 KB
├─ 📄 sample_meeting_gbk.txt Text 1L · 112 B
├─ 📄 sample_meeting.txt Text 1L · 64 B
└─ 📝 SKILL.md Markdown 79L · 4.3 KB

Dependencies 1 item

Package | Version | Source | Known Vulns | Notes
requests | * | pip | No | Version not pinned; import in scripts/read_meeting_data.py. With no pin, the vulnerability status applies only to whichever release is resolved at install time

Security Positives

✓ Subprocess calls are limited to OS-native file listing commands (find/PowerShell) with no arbitrary command execution; the review check here is that the command is passed as an argument list without shell=True and that the caller-supplied directory is a single argument, so shell metacharacters in a path are never interpreted
✓ File and URL reading returns data only to the caller, with no exfiltration observed. Both the file path and the URL are caller-supplied, so a skill that can read local files and fetch arbitrary URLs is a potential egress path if the calling agent is prompt-injected; restrict outbound destinations at the host where that matters
✓ No credential harvesting or sensitive path access detected
✓ No obfuscation, base64 encoding, or hidden instructions
✓ Multi-encoding fallback for local file reading is a good robustness practice
✓ Error messages are user-friendly and do not leak system internals
✓ Documentation accurately describes the tool's runtime behavior; the only documentation finding is the missing allowed-tools declaration, not a behavioral mismatch
✓ Subprocess usage is declared in SKILL.md under the Tool Contract section
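The first positive above rests on how the directory listing invokes its OS-native command. The code below is an added example of that pattern and is not list_meeting_files.py itself: an unsafe variant that splices the path into a shell command line sits beside the hardened form, which resolves the path, passes it as a single argv element with no shell, and applies a timeout. Function names are assumptions; the sample notes tree is constructed in a temporary directory, and the POSIX `find` is used (the PowerShell branch the report mentions is not reproduced here).

```python
"""Hardened OS-native directory listing (added example, not the skill's own code)."""
import subprocess
import tempfile
from pathlib import Path


def list_meeting_files_unsafe(directory):
    """Anti-pattern kept for contrast only: the path becomes shell syntax, so a directory
    named 'notes; rm -rf ~' would run a second command. Never call this."""
    return subprocess.run(f"find {directory} -type f", shell=True, capture_output=True, text=True).stdout


def list_meeting_files(directory, timeout=10):
    """Return {'directory', 'count', 'files'} for a notes directory using find."""
    root = Path(directory).expanduser().resolve(strict=True)  # raises if the path does not exist
    if not root.is_dir():
        raise NotADirectoryError(str(root))
    # Argument list with shell=False: metacharacters in the path reach find as data, not syntax.
    proc = subprocess.run(["find", str(root), "-type", "f"], capture_output=True, text=True,
                          timeout=timeout, check=True)
    files = sorted(line for line in proc.stdout.splitlines() if line)
    return {"directory": str(root), "count": len(files), "files": files}


def demo():
    """Build a constructed notes tree (three files, one nested) whose directory name
    deliberately contains shell metacharacters, then list it safely."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp) / "meeting notes; echo pwned"
        (base / "2024").mkdir(parents=True)
        for name in ("standup.txt", "retro.txt", "2024/planning.txt"):
            (base / name).write_text("constructed sample minutes\n")
        return list_meeting_files(base)
```

`demo()` returns three files even though the directory name contains `;` and a space, because those characters never reach a shell; the same name handed to `list_meeting_files_unsafe` would be split and partly executed.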