← 返回 Skills 市场

Google Keep

Name: Google Keep
Author: vacinc

作者 VACInc · GitHub ↗ · v1.0.3

cross-platform ✓ 安全检测通过

2731

总下载

当前安装

版本数

在 OpenClaw 中安装

/install gkeep

功能描述

Google Keep notes via gkeepapi. List, search, create, and manage notes.

使用说明 (SKILL.md)

gkeep

CLI wrapper for Google Keep using gkeepapi (unofficial API).

Setup

gkeep login [email protected]

Important: Use an App Password, not your regular password. 2FA must be enabled.

Commands

List notes:

gkeep list
gkeep list --limit 10

Search:

gkeep search "shopping"

Get a specific note:

gkeep get \x3Cnote_id>

Create a note:

gkeep create "Title" "Body text here"

Archive:

gkeep archive \x3Cnote_id>

Delete (trash):

gkeep delete \x3Cnote_id>

Pin:

gkeep pin \x3Cnote_id>

Unpin:

gkeep unpin \x3Cnote_id>

Notes

This uses an unofficial API that reverse-engineers Google Keep
Could break if Google changes their internal API
Token stored in ~/.config/gkeep/token.json
First run bootstraps a local venv at skills/gkeep/.venv
Active project with recent updates (as of Jan 2026)

安全使用建议

This skill appears to do what it says: a CLI wrapper around gkeepapi that stores a local token in ~/.config/gkeep/token.json. Before installing or running it: 1) Verify you trust the package source (the repo homepage is provided). 2) Prefer using a Google App Password as recommended; avoid placing your account password in environment variables. 3) Note the bundle includes package.json with a postinstall script — running npm install or package postinstall will execute commands to create a venv and install Python dependencies, so only do that from a trusted source. 4) Inspect or backup the token file and consider revoking the app password/token in your Google account if you stop using the skill. 5) Small inconsistencies (venv path and package bin name) look like packaging/documentation issues rather than malicious behavior, but confirm install/run steps match how you plan to use it.

功能分析

Type: OpenClaw Skill Name: gkeep Version: 1.0.3 The OpenClaw skill bundle for Google Keep is benign. It provides a CLI wrapper for managing Google Keep notes using the `gkeepapi` library. The `SKILL.md` instructions are clear and do not contain any prompt injection attempts. The `gkeep.py` script handles Google Keep authentication tokens responsibly by storing them in `~/.config/gkeep/token.json` with restrictive file permissions (0o600). The `package.json`'s `postinstall` script performs a standard Python virtual environment setup and dependency installation from `requirements.txt`, which only lists the legitimate `gkeepapi` library. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or obfuscation.

能力评估

✓ Purpose & Capability

Name, description, and the provided Python CLI (gkeep.py) implement Google Keep operations via gkeepapi (list, search, create, archive, delete, pin, etc.). Required binaries list includes 'gkeep', which matches the CLI provided. No unrelated services or credentials are requested.

ℹ Instruction Scope

SKILL.md stays on-purpose (login, list, search, create, manage notes). It documents the use of an app password and that tokens are stored at ~/.config/gkeep/token.json. Minor mismatch: SKILL.md says first run bootstraps a venv at 'skills/gkeep/.venv' but package.json/postinstall would create '.venv' in the package directory — the runtime code itself does not reference that venv path. No instructions ask to read or exfiltrate unrelated files.

ℹ Install Mechanism

There is no explicit install spec provided to the platform (instruction-only), which is low-risk. However, the bundle includes a package.json with a postinstall script that will create a Python venv and pip-install requirements if an npm install were run. That postinstall is not executed by the platform by default but is important to notice if you manually install via npm or run package scripts.

ℹ Credentials

The skill declares no required environment variables, which is appropriate. The code does read an optional GKEEP_PASSWORD env var during login (fallback to interactive prompt) but this env var is not declared in metadata — benign but a minor documentation gap. Tokens (keep.getMasterToken()) are saved to ~/.config/gkeep/token.json with 0o600 permissions per the code, which is expected for local credential storage.

✓ Persistence & Privilege

always:false and normal invocation settings. The skill persists a token in the user's home config directory (expected for a CLI client) and may create a local venv when installed/run; it does not request system-wide privileges or modify other skills.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install gkeep
安装完成后，直接呼叫该 Skill 的名称或使用 /gkeep 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.3

Updated metadata and author to use openclaw instead of clawdbot

v1.0.2

Update metadata: clawdbot → openclaw

v1.0.1

Self-bootstrapping launcher; pin/unpin support

v1.0.0

Initial release of gkeep skill. - Access Google Keep notes via the gkeepapi unofficial API. - Features CLI commands to list, search, view, create, archive, and delete notes. - Requires Google login with an App Password (2FA enabled). - Stores authentication token securely in user config directory. - Note: Uses an unofficial API and may break if Google changes its service.

元数据

Slug gkeep

版本 1.0.3

许可证 —

累计安装 8

当前安装数 6

历史版本数 4

常见问题

Google Keep 是什么？

Google Keep notes via gkeepapi. List, search, create, and manage notes. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 2731 次。

如何安装 Google Keep？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install gkeep」即可一键安装，无需额外配置。

Google Keep 是免费的吗？

是的，Google Keep 完全免费（开源免费），可自由下载、安装和使用。

Google Keep 支持哪些平台？

Google Keep 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Google Keep？

由 VACInc（@vacinc）开发并维护，当前版本 v1.0.3。