Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Memory System Complete
v3.0.0 · Complete memory system with causal graph, knowledge graph, auto-detection, and evolution features
by 杨兴隆 @717986230
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description align with the included code: SQLite-based memory storage, graph modules, auto-detection, and optional LanceDB/Ollama integration. However, there are inconsistent version claims across files (registry version = 3.0.0, SKILL.md header = 2.0.0, README references v3.0 features that are not all present in the manifest). Some documentation mentions many additional modules (factor inference, genetic neuron files) that are referenced but not present in the provided file list — this discrepancy is unexpected and worth checking.
Instruction Scope
SKILL.md instructs running post_install commands that create memory/database and execute included Python scripts (init_database_v2.py and verify_install_v2.py). Those scripts will create DB files, tables, sample/verification data, and logs under the skill directory — this is consistent with a local memory system. There are no clear instructions to read unrelated system files or to transmit data off-host, but optional integrations (Ollama, LanceDB) can be configured and could interact over network if enabled. The install actions will execute code on the host, so review scripts before running.
Install Mechanism
There is no external download/install spec embedded in the registry, and all code is included in the package — no remote URLs, no package fetches detected. However, SKILL.md includes a post_install block that runs local shell/python commands to initialize the database and verify installation; those commands execute bundled Python scripts which will write files. This is low-to-moderate install risk provided you inspect the scripts first.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. That matches the code excerpts (local SQLite, optional local Ollama/LanceDB). One caveat: enabling Ollama or configuring a non-local Ollama/LanceDB endpoint could cause data to be sent to a remote model/service — the default docs point to localhost, but users must ensure any URL points to a trusted/local endpoint. No unrelated cloud credentials are requested, which is proportional.
Persistence & Privilege
The skill is not marked always:true and is user-invocable (normal defaults). It writes its own local database and files (memory/database/...), which is expected for a memory system. It does not request to modify other skills' configs or system-wide settings in the provided files. Note: because the skill can be invoked by the agent, it may access and modify its local memory DB when used — consider the data you store there.
What to consider before installing
This package appears to implement a local memory and graph system and does not request secrets, but there are a few red flags you should handle before installing or using it:
- Review the code before running post_install: SKILL.md runs python scripts (init_database_v2.py, verify_install_v2.py) which will create/modify files under memory/database/. Inspect those scripts to confirm no unwanted operations.
- Version/manifest mismatches: the registry says v3.0.0 while SKILL.md lists v2.0.0 and README references v3.0 modules not present. Verify which files you actually received and whether any referenced modules are missing or stubbed out.
- Optional networked integrations: Ollama and LanceDB support is present; ensure any configured endpoints point to localhost or trusted hosts — do not provide remote credentials or URLs unless you trust them.
- Run in an isolated/sandbox environment first (container or VM) and back up any important data before initialization.
- If you want higher assurance, ask the author for a minimal checklist: exact files included in the claimed release, and confirmation that verify_install scripts perform only local checks. If you cannot verify, do not run install scripts on production machines.
If you want, I can: summarize which specific files mention network calls or external services, list all places where files are written/created by the init scripts, or show the exact lines that create/modify the database so you can review them quickly.
Like a lobster shell, security has layers — review code before you run it.
