Skillv0.1.2

ClawScan security

Remember Me · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 12, 2026, 5:14 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and instructions match its stated purpose (remembering user preferences and notes); it asks for no credentials or installs and is internally consistent, though you should confirm where and how the agent will persist those memory files on your system.
Guidance: This skill appears to do what it says: classify and persist user preferences/goals and use them to personalize responses. Before installing, verify where the agent will store memory files (the SKILL.md references memory/YYYY-MM-DD.md and MEMORY.md) and ensure that location meets your privacy requirements. Confirm that the agent enforces the 'Explicit Exclusions' (no raw conversation logs, no sensitive identity attributes without consent) and that it provides an easy way to list, export, and delete stored memories. Also check for any missing referenced files (promotion-checklist.md and profile-schema.md are cited but not included) and ask the skill owner how they are implemented. If you share the environment with others or need strict data isolation, delay enabling long-term memory until you understand the storage and access controls.

Review Dimensions

Purpose & Capability: noteThe skill's name/description (user memory, preferences, goals) aligns with the instructions (classify signals, append daily notes, promote to long-term memory). It requests no credentials, binaries, or installs, which is appropriate. Minor inconsistency: the SKILL.md expects the agent to write/read files (memory/YYYY-MM-DD.md, MEMORY.md and references/*), but the skill metadata lists no required config paths—confirm where the platform will store these files and whether that location is acceptable.
Instruction Scope: noteInstructions explicitly direct the agent to collect, classify, and persist user-related data (daily and long-term notes), and to read memory when answering. This is coherent with the purpose. The doc also forbids storing sensitive attributes and raw logs and prescribes consent/confirmation steps, which reduces risk. Ensure the agent's implementation actually honors those exclusions and that probes/check-ins are limited as described.
Install Mechanism: okThere is no install spec and no code files to execute; this is instruction-only, which is the lowest install risk. Nothing is downloaded or written by an installer according to the metadata.
Credentials: okThe skill requests no environment variables, credentials, or external service tokens—proportional to a local memory manager. There are no surprising credential asks.
Persistence & Privilege: noteThe skill is not marked always:true and does not request elevated privileges, but the instructions rely on persistent storage (creating and reading memory files). That persistence is expected for a memory skill, but you should verify storage location, retention policy, access controls, and deletion behavior on the host/agent before enabling long-term memory.