bear-notes
Enables users to create, manage, and search Bear notes using the grizzly CLI on macOS.
Install this skill
or
75/100
Security score
The bear-notes skill was audited on Feb 9, 2026 and we found 9 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 14
Access to hidden dotfiles in home directory
SourceSKILL.md
| 14 | - For some operations (add-text, tags, open-note --selected), a Bear app token (stored in `~/.config/grizzly/token`) |
medium line 20
Access to hidden dotfiles in home directory
SourceSKILL.md
| 20 | 2. Save it: `echo "YOUR_TOKEN" > ~/.config/grizzly/token` |
low line 37
Access to hidden dotfiles in home directory
SourceSKILL.md
| 37 | echo "Additional content" | grizzly add-text --id "NOTE_ID" --mode append --token-file ~/.config/grizzly/token |
low line 42
Access to hidden dotfiles in home directory
SourceSKILL.md
| 42 | grizzly tags --enable-callback --json --token-file ~/.config/grizzly/token |
medium line 65
Access to hidden dotfiles in home directory
SourceSKILL.md
| 65 | 4. `~/.config/grizzly/config.toml` |
medium line 67
Access to hidden dotfiles in home directory
SourceSKILL.md
| 67 | Example `~/.config/grizzly/config.toml`: |
low line 69
Access to hidden dotfiles in home directory
SourceSKILL.md
| 69 | token_file = "~/.config/grizzly/token" |
low line 4
External URL reference
SourceSKILL.md
| 4 | homepage: https://bear.app |
low line 70
External URL reference
SourceSKILL.md
| 70 | callback_url = "http://127.0.0.1:42123/success" |
Scanned on Feb 9, 2026
View Security DashboardGitHub Stars 106
Rate this skill
Categoryproductivity
UpdatedMay 21, 2026
majiayu000/claude-skill-registry