Downloads: 360
Stars: 0
Active Installs: 1
Versions: 1
Install in OpenClaw
/install ynote-clip
Description
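Clip web pages to Youdao Note (有道云笔记). Trigger phrases: 剪藏网页 (clip web page), 保存网页 (save web page), 收藏网页 (bookmark web page), ynote clip, clip to ynote, 网页摘录 (web page excerpt).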
Usage Guidance
Before installing, review and confirm these items:
1) The embedded DEFAULT_APIFY_TOKEN in twitter-apify.mjs — this allows the skill to use someone else's Apify account (privacy, billing, and abuse risk). Ask the author to remove the hard-coded token and require APIFY_API_TOKEN as an explicit env var.
2) Inspect the base64 payload in static/inject-sdk.fn.js (the atob string) — decode it locally to verify it contains only the intended collect SDK and not hidden exfiltration or remote endpoints.
3) Decide whether you are comfortable the skill asks you to source your shell rc (which exposes any exported secrets) each run; prefer setting YNOTE_API_KEY (and APIFY_API_TOKEN if used) explicitly in the agent's environment rather than relying on sourcing rc files.
4) If you will use the Twitter flow, prefer supplying your own APIFY_API_TOKEN or disable that flow; running with the default token may send scraped content to that third-party account.
5) Consider running the skill in a restricted/sandboxed environment first, and monitor outgoing network calls (especially to apify.com and the MCP endpoint) to ensure they match expectations.
If you cannot verify the injected SDK and the embedded token, treat the skill as risky and avoid installing it.
Capability Analysis
Type: OpenClaw Skill
Name: ynote-clip
Version: 1.8.1
The skill bundle contains several high-risk patterns and poor security practices. Most notably, SKILL.md instructs the AI agent to 'source ~/.zshrc' or other shell configuration files to load environment variables, which is a dangerous practice that can lead to the leakage of sensitive credentials or the execution of arbitrary shell aliases/functions. Additionally, twitter-apify.mjs contains a hardcoded Apify API token (apify_api_vsVgnrJKGDCfhfTil8FpBaMaM4vexW1TZocw), and inject-sdk.fn.js uses a base64-encoded string to deliver a large minified JavaScript payload for browser execution. While these features appear intended to facilitate web scraping and clipping to Youdao Note, the combination of environment manipulation, hardcoded credentials, and obfuscated payloads warrants a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description (clip web pages to Youdao Note) aligns with the scripts and tools: node scripts, a browser injector, and MCP calls to create notes. Required binaries (node, curl, jq, dig) and browser tooling are plausible for the stated functionality. However, the code also integrates Apify (twitter-apify.mjs) and includes a DEFAULT_APIFY_TOKEN hard-coded in the file — this external service is only needed for Twitter/X special handling and the SKILL.md does not declare APIFY_API_TOKEN in requires.env, which is an omission and worth questioning.
Instruction Scope
SKILL.md directs the agent to run multiple shell scripts, write/read /tmp/ynote-clip-data.json, source the user's shell rc (e.g., source ~/.zshrc) to obtain environment variables, call web_fetch, and silently suppress certain errors (e.g., cron check). It intentionally keeps large bodyHtml out of the agent context (good), but it instructs silent failure paths and sourcing user shell files which may expose more of the user's environment than necessary. The twitter path calls Apify; SKILL.md mentions Apify usage but fails to declare APIFY_API_TOKEN as a required env var.
Install Mechanism
There is no install spec (instruction-only + bundled scripts). No network download/install steps are executed by an installer, so install-risk is low. The skill will execute local scripts and Node.js files that are bundled with it.
Credentials
Declared primary credential YNOTE_API_KEY is appropriate. However: (1) twitter-apify.mjs embeds a DEFAULT_APIFY_TOKEN in source code, enabling calls to Apify without the user's token — this is a high-risk hard-coded credential (can be abused or cause third-party charges). (2) SKILL.md and requires.env do not list APIFY_API_TOKEN even though the Twitter flow will use it if present — omission reduces transparency. The scripts also ask users to source shell rc files each run, which can leak any exported secrets present there to the child processes.
Persistence & Privilege
always is false; the skill does not request forced/global inclusion. It does invoke system tools and reads/writes /tmp files and uses openclaw cron/list commands, but it does not modify other skills or system-wide configs. Autonomous invocation is allowed (platform default) and not by itself a concern here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install ynote-clip
- After installation, invoke the skill by name or use /ynote-clip
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.8.1
Save web pages to Youdao Note
Frequently Asked Questions
What is YNote Clip?
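It clips web pages to Youdao Note (有道云笔记). Trigger phrases: 剪藏网页 (clip web page), 保存网页 (save web page), 收藏网页 (bookmark web page), ynote clip, clip to ynote, 网页摘录 (web page excerpt). It is an AI Agent Skill for Claude Code / OpenClaw, with 360 downloads so far.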
How do I install YNote Clip?
Run "/install ynote-clip" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is YNote Clip free?
Yes, YNote Clip is completely free (open-source). You can download, install and use it at no cost.
Which platforms does YNote Clip support?
YNote Clip is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created YNote Clip?
It is built and maintained by lephix (@lephix); the current version is v1.8.1.