ClawHub
Back to skill
v1.0.0

Memory.Local.Backup

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:33 AM.

Analysis

Review before installing: the skill is coherent and local-only, but it instructs the agent to persist potentially sensitive personal and business information immediately and indefinitely in a home-directory memory folder.

GuidanceThis appears to be a local instruction-only memory skill rather than malware or an exfiltration tool. The main issue is privacy and persistence: it is designed to remember a lot, write quickly, and keep information in ~/memory/. Before installing, decide what should never be saved, require confirmation for sensitive items, and periodically inspect or delete stored memory files.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
_meta.json
"ownerId": "kn73vp5rarc3b14rc7wjcw8f8580t5d1",
  "slug": "memory",
  "version": "1.0.2"

These package metadata values differ from the registry listing shown for the evaluated skill, which lists slug memory-local-backup, version 1.0.0, and a different owner ID.

User impactThe artifact identity is somewhat ambiguous, making it harder to verify that the reviewed files correspond exactly to the registry entry.
RecommendationConfirm the publisher, slug, and version before installing, especially because the skill is intended to manage long-lived personal memory.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityMediumConfidenceHighStatusConcern
SKILL.md
When user shares important information:
1. Write to appropriate file in ~/memory/
2. Update the category INDEX.md
3. Then respond

Don't wait. Don't batch. Write immediately.

This instructs the agent to autonomously persist information it deems important before responding, without a per-item approval step or sensitivity/retention limits.

User impactPersonal, business, contact, or decision information could be saved indefinitely in local memory and reused in later conversations even when the user did not explicitly ask to save that specific detail.
RecommendationInstall only if you want persistent local memory. Ask the agent to confirm before saving sensitive details, periodically review ~/memory/, and define deletion, retention, and do-not-store rules.
Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
setup.md
Would you like me to sync any of that into this new system?

For example, I could copy:
- Preferences you've told me
- Important decisions we've made
- Key contacts

Copying built-in agent memory into ~/memory/ is disclosed and user-directed, but it expands persistent storage of potentially sensitive profile and relationship data.

User impactExisting memories such as preferences, decisions, and contacts may be duplicated into a separate long-term local store.
RecommendationOnly sync categories you are comfortable retaining, and review the synced files after setup.