ClawHub

Legacy — Qoris Memory (use qoris-memory-mcp)

v1.0.5

⚠️ LEGACY LISTING. The canonical home for this skill is now qoris-memory-mcp under the @qoris-ai org publisher. Please run: clawhub install qoris-memory-mcp.

0· 96·0 current·0 all-time
byQoris AI@apps-debug
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, declared env vars (QORIS_API_KEY, QORIS_WORKSPACE_ID), mcp endpoint (https://mcp.qoris.ai/mcp), and documented tools all align with a memory-MCP integration. The requested credentials are exactly what you'd expect for a hosted memory service.
Instruction Scope
SKILL.md and mcp-config.json explicitly describe calling the MCP server and list only memory-related tools. Instructions do not direct the agent to read unrelated files, scan system state, or transmit data outside the documented MCP endpoint; they state that only data explicitly passed to tool calls is sent.
Install Mechanism
No install spec and no code files to execute — the skill is instruction-only. This minimizes disk/installation risk.
Credentials
Two environment variables are requested and both are justified (API key and workspace ID). primaryEnv is correctly set to QORIS_API_KEY. No unrelated secrets or excessive env access are requested.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The skill does not request persistent/privileged system modifications or access to other skills' configs.
Assessment
This legacy listing is internally consistent and appears safe in that it only requires a Qoris API key and workspace ID and talks to the documented MCP endpoint. Before installing: prefer the canonical package (qoris-memory-mcp) as recommended in the README; verify you trust the domain (mcp.qoris.ai) and the publisher; provide a least-privilege API key if possible (workspace-scoped, revocable); avoid sending sensitive secrets or PII to the memory tools unless you accept them being stored in Qoris’s service; rotate your QORIS_API_KEY if you suspect compromise.

Like a lobster shell, security has layers — review code before you run it.

agent-memoryvk9733zf80h5by9vgtw7a8jt2wd83yaq5deprecatedvk979p8a3kvzsft6sbbrygrvtn584wcraenterprisevk9723x5d1gxc100mdss3tymbf584tz7yknowledge-basevk9723x5d1gxc100mdss3tymbf584tz7ylatestvk979p8a3kvzsft6sbbrygrvtn584wcralegacyvk979p8a3kvzsft6sbbrygrvtn584wcramcpvk979p8a3kvzsft6sbbrygrvtn584wcramemoryvk979p8a3kvzsft6sbbrygrvtn584wcrapersistent-memoryvk9733zf80h5by9vgtw7a8jt2wd83yaq5ragvk9723x5d1gxc100mdss3tymbf584tz7y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvQORIS_API_KEY, QORIS_WORKSPACE_ID
Primary envQORIS_API_KEY

Comments