← 返回 Skills 市场
fanxing-6

Siyuan Notes Skill

作者 fanxing · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
330
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install siyuan-notes-skill
功能描述
思源笔记工具——搜索、阅读、编辑、组织用户的笔记。Use when user says: 搜索笔记、查找文档、打开文档、阅读笔记、编辑笔记、创建文档、修改块、思源笔记、SiYuan、整理文档、管理标签、Daily Note、反向链接、最近修改、PMF补丁、SQL查询blocks。不要用于与思源笔记无关的通用编程或...
安全使用建议
This skill appears to implement a legitimate SiYuan notes CLI, but there are a few red flags you should check before installing or enabling write-capability: - Expectation vs declaration: The skill requires SIYUAN_SERVER and SIYUAN_TOKEN (and an environment flag SIYUAN_ENABLE_WRITE to allow edits), but the registry metadata did not declare any required environment variables or primary credential. Treat that as a metadata omission — confirm you must provide these values before use. - Sensitive credentials: Only provide SIYUAN_TOKEN to this skill if you trust the code and the agent runtime. With that token the skill can read and (if you enable writes) modify your SiYuan content. Keep SIYUAN_ENABLE_WRITE=false unless you intentionally want to allow edits. - Disk persistence: The tool records 'read' marks and caches state on disk. Ask or inspect index.js to learn where that cache is stored if you care about local persistence or multi-user environments. - Arbitrary queries and exports: The JS API exposes executeSiyuanQuery and apply-patch/PMF flows. Those are useful for advanced tasks but also allow wide read access (SQL) and bulk edits. Do not run this skill against an untrusted or remote SiYuan instance without reviewing the code and limiting network exposure. - What to do next: review the index.js and any network-related code to confirm there are no unexpected external endpoints; confirm where cached/read-mark files are written; only set SIYUAN_ENABLE_WRITE=true in trusted contexts; and ideally ask the skill author to update registry metadata to declare required env vars (SIYUAN_SERVER, SIYUAN_TOKEN, SIYUAN_ENABLE_WRITE) and document cache paths. If you cannot review the code, treat it as read-only by leaving SIYUAN_ENABLE_WRITE unset/false and avoid running SQL queries that might exfiltrate data.
功能分析
Type: OpenClaw Skill Name: siyuan-notes-skill Version: 0.1.0 The bundle is a comprehensive and well-documented tool for interacting with the SiYuan Notes API. It provides extensive functionality for searching, reading, and editing notes, including a sophisticated 'Write Safety Protocol' that uses optimistic locking (version checks) to prevent data loss, managed via a local cache file (`.siyuan-read-guard-cache.json`). While it possesses high-risk capabilities such as executing SQL queries against the SiYuan database and performing version checks via GitHub (`api.github.com`), these behaviors are transparently documented and strictly aligned with the stated purpose. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found.
能力评估
Purpose & Capability
The name, description, README and code consistently implement a SiYuan notes helper (search/read/edit/organize, PMF, SQL queries). Requiring Node.js and an accessible SiYuan kernel is expected. However the skill metadata lists no required environment variables or primary credential even though the README/SKILL.md and code expect SIYUAN_SERVER, SIYUAN_TOKEN and SIYUAN_ENABLE_WRITE (and optional SIYUAN_OPEN_DOC_*). That omission is an incoherence between claimed metadata and actual capability.
Instruction Scope
SKILL.md instructs the agent to run Node CLI commands that will: call the SiYuan API, mark documents as 'read' (side effect), persist read-mark cache to disk, and execute arbitrary SQL queries via executeSiyuanQuery. These actions are within the stated SiYuan purpose, but instructions also imply on-disk state and potential for large exports (full PMF) and SQL execution that could be used to read many records — the SKILL.md does not document where read-mark cache is stored or other file paths, which is a privacy/operational concern.
Install Mechanism
There is no install spec (instruction-only at registry level), and the skill ships code files (Node.js). No remote download/install script in the registry manifest was detected. Running the skill requires Node.js available in the agent environment; that is reasonable for a Node CLI-based skill. No high-risk external download or obfuscated installer was found in the provided files.
Credentials
The skill requires access to the SiYuan server and token (SIYUAN_SERVER, SIYUAN_TOKEN) and a write-enable flag (SIYUAN_ENABLE_WRITE) according to README/SKILL.md and code, but the registry metadata lists no required environment variables or primary credential. This mismatch is problematic: sensitive credentials are needed for normal operation but were not declared. Other env vars referenced (e.g., SIYUAN_OPEN_DOC_CHAR_LIMIT) are optional. The number and sensitivity of env vars is proportionate to the skill's function but must be explicitly declared so users know which secrets will be used.
Persistence & Privilege
The skill does not request 'always:true' and does not declare system-wide privileges. It does persist a 'read' marker cache to disk (SKILL.md), and write operations can modify user documents when SIYUAN_ENABLE_WRITE=true. Autonomous invocation is permitted by default (normal), so combined with write capability the skill could perform write operations if the environment variable enabling writes is set. That is expected for an editor skill but the precise cache path and persistence behavior are not documented in the metadata.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install siyuan-notes-skill
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /siyuan-notes-skill 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
siyuan-notes-skill v0.1.0 - Initial release with detailed usage guide in SKILL.md. - Supports searching, reading, editing, organizing, and querying notes in SiYuan. - Includes command strategy selection, write safety protocol, and comprehensive command reference. - Provides step-by-step examples for common patterns like searching, editing, inserting, and restructuring notes. - Clarifies intent-based best practices to prevent data loss and version conflicts.
元数据
Slug siyuan-notes-skill
版本 0.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Siyuan Notes Skill 是什么?

思源笔记工具——搜索、阅读、编辑、组织用户的笔记。Use when user says: 搜索笔记、查找文档、打开文档、阅读笔记、编辑笔记、创建文档、修改块、思源笔记、SiYuan、整理文档、管理标签、Daily Note、反向链接、最近修改、PMF补丁、SQL查询blocks。不要用于与思源笔记无关的通用编程或... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 330 次。

如何安装 Siyuan Notes Skill?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install siyuan-notes-skill」即可一键安装,无需额外配置。

Siyuan Notes Skill 是免费的吗?

是的,Siyuan Notes Skill 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Siyuan Notes Skill 支持哪些平台?

Siyuan Notes Skill 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Siyuan Notes Skill?

由 fanxing(@fanxing-6)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论