Skills
skills/sundial-org/awesome-openclaw-skills/bear-notes/Gen Agent Trust Hub

bear-notes

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill installs the 'grizzly' CLI tool from an untrusted GitHub repository (tylerwince/grizzly) via 'go install'.
  • [DATA_EXPOSURE] (HIGH): The skill accesses sensitive authentication tokens stored at '~/.config/grizzly/token', exposing user credentials to the agent's environment.
  • [INDIRECT_PROMPT_INJECTION] (MEDIUM): The skill reads note content from Bear, which may contain untrusted instructions. 1. Ingestion points: 'grizzly open-note' and 'grizzly tags' commands in SKILL.md. 2. Boundary markers: None present to distinguish data from instructions. 3. Capability inventory: Ability to create notes and append text to existing notes. 4. Sanitization: No evidence of input escaping or validation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 01:01 PM