bear-notes
Enables users to create and manage Bear notes through the grizzly CLI on macOS, enhancing note-taking efficiency.
Install this skill
or
75/100
Security score
The bear-notes skill was audited on Mar 1, 2026 and we found 9 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 33
Access to hidden dotfiles in home directory
SourceSKILL.md
| 33 | - For some operations (add-text, tags, open-note --selected), a Bear app token (stored in `~/.config/grizzly/token`) |
medium line 40
Access to hidden dotfiles in home directory
SourceSKILL.md
| 40 | 2. Save it: `echo "YOUR_TOKEN" > ~/.config/grizzly/token` |
low line 60
Access to hidden dotfiles in home directory
SourceSKILL.md
| 60 | echo "Additional content" | grizzly add-text --id "NOTE_ID" --mode append --token-file ~/.config/grizzly/token |
low line 66
Access to hidden dotfiles in home directory
SourceSKILL.md
| 66 | grizzly tags --enable-callback --json --token-file ~/.config/grizzly/token |
medium line 92
Access to hidden dotfiles in home directory
SourceSKILL.md
| 92 | 4. `~/.config/grizzly/config.toml` |
medium line 94
Access to hidden dotfiles in home directory
SourceSKILL.md
| 94 | Example `~/.config/grizzly/config.toml`: |
low line 97
Access to hidden dotfiles in home directory
SourceSKILL.md
| 97 | token_file = "~/.config/grizzly/token" |
low line 4
External URL reference
SourceSKILL.md
| 4 | homepage: https://bear.app |
low line 98
External URL reference
SourceSKILL.md
| 98 | callback_url = "http://127.0.0.1:42123/success" |
Scanned on Mar 1, 2026
View Security DashboardInstall this skill with one command
/learn @lalomorales22/bear-notes