Skill v1.0.0
ClawScan security
Agent Reflective Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 19, 2026, 3:15 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code and instructions are broadly coherent with its stated purpose (a local reflective memory engine); it has no network calls or credential requests, but the SKILL.md and the included file have a minor mismatch and you should review local storage handling before use.
- Guidance: This skill appears to do what it claims and has no network/callouts or secret requirements, but take these precautions before installing:
  1) Fix the filename mismatch: SKILL.md references agent_reflective_memory.py while the included script is tool.py (run `python tool.py ...` or rename the file).
  2) Review the code yourself; it writes memories to memory_store.json in the current directory. Ensure this file is stored securely (permissions, encryption) and do not store secrets in experiences.
  3) The LLM integration is mocked; if you replace it with a real API, you'll need to add/secure API credentials.
  4) Test in an isolated environment before giving it access to production agents.
  If you want higher assurance, ask the publisher for a README matching filenames and for details about how memory is protected at rest.
Review Dimensions
- Purpose & Capability (ok): Name/description (reflective memory for agents) matches the provided code: local store, summarization/reflection, query and stats functionality. No unrelated credentials, binaries, or cloud access are requested.
- Instruction Scope (note): SKILL.md usage examples call `python agent_reflective_memory.py`, but the repository contains tool.py (whose internal docstring also references agent_reflective_memory.py). This filename mismatch will cause user confusion or runtime failures unless the file is renamed or the command adjusted. Aside from that, the instructions do not ask the agent to read unrelated system files or exfiltrate data.
- Install Mechanism (ok): No install spec provided (instruction-only with an included script). No downloads, package installs, or external installers are used, so the install risk is low.
- Credentials (note): The skill requires no environment variables or external credentials, which is proportional. However, it persists experiences to memory_store.json in the current working directory: those stored entries may contain sensitive user data or secrets if the agent logs such content. Users should treat stored memories as potentially sensitive and protect/encrypt or avoid storing secrets.
- Persistence & Privilege (ok): `always` is false and the skill does not request elevated or persistent platform-wide privileges. It only reads/writes its own persistence file (memory_store.json) and does not modify other skills or system-wide agent settings.
