Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Memories
v2.0.1Agent memory with ALMA meta-learning, LLM fact extraction, and full-text search. Observer calls remote LLM APIs (OpenAI/Anthropic/Gemini). ALMA and Indexer w...
⭐ 0· 421·1 current·1 all-time
byArtale@arosstale
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code implements ALMA (local), Indexer (local file indexing), and Observer (remote LLM calls) which matches the skill name/description. However the registry metadata lists no required env vars/credentials while the SKILL.md and the observer code clearly require an LLM API key (OpenAI/Anthropic/Google GEMINI key passed as apiKey). This metadata mismatch is unexpected and should be corrected by the publisher.
Instruction Scope
Runtime instructions and SKILL.md confine network calls to LLM provider APIs (OpenAI, Anthropic, Gemini) and file reads to workspace Markdown files. The Observer sends conversation text to third‑party LLM endpoints (expected behavior). The SKILL.md documents limitations (in-memory DB, simplified ranking) which align with the code.
Install Mechanism
There is no install spec in the registry (instruction-only), and the README suggests installing/publishing via npm or cloning the GitHub repo. No unusual download URLs, extract steps, or native binaries are present; package.json lists no runtime dependencies. Low install risk from this package itself.
Credentials
Observer requires an LLM API key (the code checks process.env.OPENAI_API_KEY or process.env.ANTHROPIC_API_KEY or accepts apiKey in config). The registry metadata nevertheless lists no required env vars, so the skill will operate only if keys are provided but a user or system might not be warned. Also SKILL.md mentions Gemini but does not name a specific environment variable for the Google API key — the code expects the caller to pass apiKey or embed it in the URL. Requiring an LLM key is proportional to the Observer feature, but the metadata omission is a coherence/visibility problem and could lead to inadvertent exposure of keys if misconfigured.
Persistence & Privilege
The skill is not force-included (always: false), does not request system-level privileges, and does not modify other skills or global configuration. It reads files from the workspace only when the indexer is invoked with a workspace path supplied by the caller.
What to consider before installing
This package implements a local meta-learning optimizer and local file indexer plus an Observer that calls third-party LLM APIs. Before installing: (1) be aware the Observer will send conversation text to external LLM endpoints — only provide API keys you trust and scope them appropriately; (2) the registry metadata does not declare the required env vars (OPENAI_API_KEY / ANTHROPIC_API_KEY or passing apiKey), so the platform may not prompt you to supply them — you must supply a key in config or env; (3) the indexer reads Markdown files from whatever workspace path you give it, so point it only at directories you intend it to index; (4) if you need Gemini support, confirm how you will supply the Google key (the SKILL.md omits a named env var); (5) consider testing in a sandboxed environment first and review the upstream GitHub repo (author/email present) for additional context. These are coherence/visibility issues rather than evidence of malicious behavior, but they matter for secure operation.Like a lobster shell, security has layers — review code before you run it.
latestvk97cckvt1bf5zgc335zdddzjc981vstf
License
MIT-0
Free to use, modify, and redistribute. No attribution required.