suspicious.exposed_secret_literal
- Location: SKILL.md:494
- Finding: File appears to expose a hardcoded API secret or token.
Advisory
Audited by Static analysis on May 10, 2026.
Detected: suspicious.exposed_secret_literal
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or inaccurate details written into memory files can persist and influence future agent behavior.
The skill is designed to persist user and project context across sessions, including personal preferences, relationships, goals, and business information.
MEMORY.md ← Long-term curated memory (the brain) ... About [Human] - Name, preferences, timezone, communication style ... Key relationships, roles, goals
Keep these files in a private workspace, review them regularly, avoid secrets, and delete or correct sensitive or inaccurate entries.
Memory files may change during scheduled or automatic maintenance, and those changes can affect later sessions.
The README describes automated maintenance during agent wake-ups, which could update persistent memory outside a direct user command if the host environment supports such heartbeats.
Heartbeat Integration — automated memory maintenance during agent wake-ups
Enable heartbeat-style maintenance only if desired, keep changes reviewable, and periodically inspect the generated memory files.
If the original file contains a real secret rather than an example placeholder, it would indicate poor credential hygiene, though no user credential access is shown.
The static scan reports a possible exposed API key literal, but the supplied evidence is redacted and no code or instructions show use of credentials.
- API key: [REDACTED]
Inspect the original SKILL.md line, remove any real secret, and use clearly fake placeholders in documentation.