Skillv1.0.0

ClawScan security

中文记忆优化 (Chinese Memory Optimizer) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 6, 2026, 6:39 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files and runtime instructions are coherent with its stated purpose (diagnosing and maintaining OpenClaw memory for Chinese text); it runs local diagnostics and file manipulation with no network exfiltration or unrelated credential requests.
Guidance: This skill appears to do what it claims: local diagnostics and maintenance of OpenClaw memory for Chinese text. Before running: 1) Verify script paths (SKILL.md references SKILL_DIR/scripts/ but files appear at repo root) and run in a safe test environment first. 2) Back up your memory folder and the SQLite DB (~/.openclaw/memory/main.sqlite) before executing non-dry-run operations. 3) Use --dry-run options (add-tags.py has --dry-run; compress-logs.py supports --dry-run; cleanup.sh defaults to dry-run) to see intended changes. 4) Inspect the JSON config patch the skill recommends applying — applying gateway/openclaw config changes affects agent behavior globally. 5) Be cautious with cleanup.sh: it will delete files if run with execution enabled and confirmed. The scripts do not perform network calls or request credentials, but they do read and modify local files, so treat them as privileged local maintenance tools.

Review Dimensions

Purpose & Capability: okName/description match the actions: diagnosing FTS5 unicode61 tokenization, adjusting memorySearch settings, tagging, compressing and cleaning memory files. Declared binary requirements (sqlite3, python3) are appropriate for the included scripts that read the SQLite DB and run Python utilities.
Instruction Scope: noteInstructions operate on local OpenClaw memory paths and the SQLite DB, which is expected. They modify files (add tags, compress, delete) and recommend applying a gateway/openclaw config patch; applying config changes affects agent configuration and should be reviewed. Minor packaging inconsistency: SKILL.md calls scripts via SKILL_DIR/scripts/*.sh but the manifest shows scripts at repository root (diagnose.sh, add-tags.py, etc.), so paths may need adjustment before running.
Install Mechanism: okNo install spec or remote downloads — instruction-only with included scripts. Nothing will be pulled from network during install; runtime uses local binaries (sqlite3, python3).
Credentials: okNo environment variables or credentials are requested. Scripts read standard OpenClaw paths under the user's HOME and workspace; that is consistent with the skill's purpose. They do extract domains/ports from files for tagging (local data handling), but they do not send data externally.
Persistence & Privilege: noteSkill is not always-enabled. It performs file modifications (writing tag lines, compressing files, backups in archive/) and can delete files via cleanup.sh (requires confirmation unless non-interactive). It also instructs using gateway config.patch / openclaw config patch to change memorySearch settings — these changes are system/agent-level and should be reviewed prior to applying.