Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
brain 大脑
v1.1.4AI Agent记忆系统v1.1.4:推翻传统三省六部制 + 感知直觉判断 + 子agent能力路由,让AI从"记不住"到"超有默契"!
⭐ 3· 249·1 current·1 all-time
by🇨🇳王柏懿@384961890-ui
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description claim a memory/agent-routing system; the SKILL.md provides templates and a startup/read-write workflow that clearly implement that purpose. No unexpected libraries or unrelated binaries are requested.
Instruction Scope
The instructions require reading and writing many local files (SNAPSHOT.md, SOUL.md, USER.md, various memory logs, work buffers) and enforce a strict startup sequence that must 'not be skipped.' They also define proactive triggers (new mail/message, reminders after inactivity) and recommend writing persistent logs and vector memories. That requires wide access to user data and active monitoring; the skill does not constrain or explain how external inputs (email/messages) are accessed, creating scope creep and privacy risk.
Install Mechanism
Instruction-only skill with no install spec or external downloads. No code files to execute were included, which reduces immediate supply-chain risk.
Credentials
The skill declares no required environment variables or credentials, but the content references optional external components (memory-lancedb-pro vector DB) and proactive checking of messages/emails. Those features would typically require connectors/credentials. The absence of declared env vars is a mismatch — if the agent uses existing connectors, it may prompt for or reuse credentials from the environment, which the skill does not disclose or justify.
Persistence & Privilege
always:false (not force-included), and autonomous invocation is allowed (the platform default). The skill promotes proactive behavior (push notifications, periodic checks), which increases privacy/notification surface if the agent has permission to act autonomously. No direct modification of other skills or system-wide configs is requested.
What to consider before installing
This skill is coherent with being an agent memory/router, but it instructs the agent to read/write many personal files and to act proactively (notify on new messages, reminders). Before installing: 1) Confirm where SNAPSHOT.md, USER.md, memory/ etc. will be stored and who can access them; these may contain PII. 2) Ensure the agent's connectors (email, messaging, or any vector DB) require explicit credentials and that you understand which credentials will be used — the skill does not declare or request them. 3) If you don't want the agent to act on its own, consider disabling autonomous invocation or restricting triggers. 4) Audit any created logs regularly and apply least-privilege for storage/backups. If you need the functionality but want lower risk, ask the maintainer to explicitly document required connectors, credential usage, and data retention policies.Like a lobster shell, security has layers — review code before you run it.
latestvk973akbyd79w1jxq3vc2de8rdd84wq3q
License
MIT-0
Free to use, modify, and redistribute. No attribution required.