Skill v1.0.0
ClawScan security
Three-Dimensional Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 23, 2026, 8:33 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requested actions and files match its stated purpose (organizing AI memory into timeline, conversation backups, and topic folders), but it omits important privacy and retention safeguards when storing full conversation transcripts.
- Guidance: This skill is internally coherent and does what it says: it instructs an assistant to persist daily logs, full conversation transcripts, and topic folders to local files. Before installing, consider the privacy risks: full conversation backups can contain secrets, PII, or sensitive business data. Ask how and where the files will be stored (workspace path), whether they will be encrypted at rest, who/what can read them, how long backups are retained, and whether transcripts should be redacted (credentials, API keys, personal data). If you intend to use this in a shared or cloud-mounted workspace, add encryption, access controls, and a retention/rotation policy, or modify the workflow to redact or exclude secrets from backups. The supplied example script writes plain files to the current workspace; review and run it manually first to confirm it behaves as you expect.
Review Dimensions
- Purpose & Capability (ok): Name/description match the behavior: the skill documents a filesystem layout and instructs the agent to write daily logs, conversation backups, and topic folders. No unrelated binaries, env vars, or external services are requested.
- Instruction Scope (note): SKILL.md explicitly instructs the agent to save 'every word exchanged' to AI-memory-backup and to write daily logs and topic updates. This is consistent with the purpose, but the instructions do not address redaction, encryption, access controls, or retention policies for potentially sensitive conversation transcripts.
- Install Mechanism (ok): No install spec; instruction-only skill with example shell script. The example script only creates/updates local files and prints guidance; it does not download or execute remote code.
- Credentials (ok): The skill requests no environment variables, credentials, or config paths. The lack of credential requests is appropriate for a local file-organization/backup skill.
- Persistence & Privilege (ok): always is false and the skill is user-invocable; the skill does not request elevated or persistent platform privileges. Autonomous invocation is allowed by default but not unusual here.
