Back to skill
Skillv1.0.0
VirusTotal security
Auto Memory Pro · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:14 AM
- Hash
- 4b7741218ffe98acd5ece66a73494a2b8124e1c8a88db477b982a4dc3b162af1
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: auto-memory-pro Version: 1.0.0 The bundle implements a high-risk PostToolUse hook (hooks/error-capture.sh) that monitors all bash command output (CLAUDE_TOOL_OUTPUT) to capture errors into the agent's memory, which could inadvertently expose sensitive data or secrets printed to the console. Additionally, the skill's core functionality involves modifying the agent's primary instruction files (CLAUDE.md and .claude/rules/), providing a mechanism for persistent behavior modification. While these capabilities are aligned with the stated purpose of curating 'auto-memory,' the combination of broad file system access to ~/.claude/projects/ and the monitoring of tool outputs represents a significant risk profile.
- External report
- View on VirusTotal