karakeep

Pass

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: LOW
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION

Full Analysis

================================================================================

🔵 VERDICT: LOW

This skill is designed to interact with a user-configured Karakeep instance, which inherently involves handling and transmitting sensitive data (API keys) to an external service. While this is the skill's intended functionality, it presents a low-level risk if the configured Karakeep instance is untrusted or compromised. The skill also relies on external dependencies (uv and requests), which are standard and generally trusted, but still represent external code.

Total Findings: 3

🔵 LOW Findings:

• Data Exfiltration (API Key Transmission)
  • scripts/karakeep-cli.py:10, 40 Evidence snippet: api_key = os.environ.get("KARAKEEP_API_KEY") or os.environ.get("HOARDER_API_KEY") and headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}. The skill reads API keys from environment variables or a local config file and sends them in the Authorization header to a user-configured Karakeep instance URL. This is the core functionality but constitutes sending sensitive data to an external server.

• Unverifiable Dependencies
  • SKILL.md:10, scripts/karakeep-cli.py:5 Evidence snippet: uv run --with requests skills/karakeep/scripts/karakeep-cli.py login and import requests. The skill requires uv to run and uses the requests Python library. While uv and requests are widely used and generally trusted, they are external dependencies that are not part of the skill's direct code.

ℹ️ TRUSTED SOURCE References:

• GitHub Commit Reference
  • _meta.json:8 Evidence snippet: "commit": "https://github.com/clawdbot/skills/commit/053b049ec27a750affc411e5da45e9faae793a11". This refers to a commit on github.com/clawdbot/skills, which is a trusted GitHub organization. This is an informational reference and does not pose a direct security risk.

================================================================================

Audit Metadata

Risk Level: LOW
Analyzed: Feb 12, 2026, 08:53 AM