Safety Report

Notebook

Name: Notebook
Rating: 5 (7 reviews)
Author: TheSethRose

Local-first personal knowledge base for tracking ideas, projects, tasks, habits, and any object type you define. YAML-based with no cloud lock-in.

2,406Downloads

8Installs

7Stars

3Versions

Customer Support1,744 Project Management1,537 Cloud Storage1,005 Notes & Knowledge902

Security Analysis

medium confidence

Clean0.08 risk

The skill appears to do what it says (a local, file-based notebook): it reads/writes YAML/JSON in a workspace folder and contains no network or credential access, but there are small mismatches (undeclared env var usage and some doc vs code path differences) you should be aware of before installing.

Feb 11, 20265 files2 concerns

Purpose & Capabilityok

Name/description (local-first personal knowledge base) match the code: store.js implements local YAML object types, index.json, and per-type object files under a workspace 'notebook' directory. No unrelated cloud APIs or unexpected capabilities are present.

Instruction Scopeok

SKILL.md instructs the agent to define types and manage objects via the CLI. The runtime code performs only filesystem operations to manage types and objects; the instructions do not ask the agent to read unrelated files, network endpoints, or credentials.

Install Mechanismnote

There is no install spec (instruction-only), which is low risk. The package.json/package-lock list js-yaml and uuid as dependencies; if a user chooses to run the CLI they may need to install those. No downloads from untrusted URLs or archive extraction are present.

Credentialsnote

The skill declares no required env vars, but the code reads process.env.CLAWD_WORKSPACE to locate the workspace (optional fallback behavior exists). This is a minor mismatch: the env var is optional and reasonable for configuring workspace location, but it isn't documented in requires.env.

Persistence & Privilegeok

always is false; the skill does not request persistent system privileges or modify other skills. It writes data into a workspace-level 'notebook' directory only and does not alter global agent configuration.

Guidance

This skill is a local, filesystem-based notebook and appears coherent with its description. Before installing, note: - It will create and write files under WORKSPACE/notebook (the code uses CLAWD_WORKSPACE if set, otherwise infers the workspace). Ensure you are comfortable with files being created there and that the agent has write permission. - The code reads an optional CLAWD_WORKSPACE env var but the skill metadata does not list it; if you rely on a custom workspace set that env var. - There are no network calls or credential requests in the code. Dependencies (js-yaml, uuid) are in package.json; if you plan to run the CLI, install dependencies in a controlled environment (or review package-lock) before running. - If you want extra assurance, run the CLI in a sandboxed environment or inspect/execute the files locally rather than granting the agent broad runtime access.

Latest Release

v1.0.2

Version 1.0.2 - Removed unused data files: data/index.json and data/types.yaml. - Updated internal storage logic in lib/store.js to remove reliance on the deleted files. - No user-facing feature changes; all core workflows remain unchanged. - Documentation (SKILL.md) updated for consistency, with no major content changes.

More by @TheSethRose

Agent Browser

412 stars

Vercel Platform

16 stars

Context7 MCP

11 stars

Therapy Mode

10 stars

Pi Admin

3 stars

Reddit Search

3 stars

Published by @TheSethRose on ClawHub