Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
thecede
v1.0.0
Access and manage your persistent knowledge graph for storing, retrieving, linking, and summarizing facts, decisions, goals, and observations across sessions.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
The name/description (persistent knowledge graph) matches the SKILL.md: the document describes storing, searching, traversing, and briefing a knowledge graph via cortex_* calls. There are no unrelated required binaries, env vars, or install steps that would be unexpected for this purpose.
Instruction Scope
SKILL.md limits runtime actions to calling cortex_store/search/recall/briefing/traverse/relate and gives concrete argument schemas; it does not instruct reading arbitrary files or unexpected env vars. However, the guidance explicitly suggests storing 'credentials' and high-importance items in the graph, which expands the scope of data captured and reused across sessions and could surface secrets to future prompts or other agents if backend controls are lax.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk or fetched during install by the skill itself. This minimizes installation-time risk. The actual runtime behavior depends on whether the host platform provides the Cortex tool implementations.
Credentials
The skill declares no required environment variables or credentials, which is proportionate, but its explicit recommendation to store credentials and architectural secrets at high importance is a security concern: storing long-lived secrets in a shared persistent memory requires strong justification and clear storage/access controls (encryption, per-agent scoping, access logs, retention policies), none of which are described here.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable; it doesn't claim to modify other skills or system-wide settings. Its persistent behavior is the intended feature (graph memory), but you should confirm the platform's runtime isolation and whether stored nodes are scoped to agent_id or shared globally.
Assessment
This skill is internally consistent as a memory/graph tool, but before you install or trust it with sensitive data, ask the provider/maintainer these questions: (1) Where and how is the graph stored? Is it encrypted at rest and in transit? (2) How are nodes scoped — by agent_id, user, or globally? Could other agents or users read them? (3) What retention, decay, deletion, and audit/logging controls exist? (4) Are there safeguards to prevent automatic retrieval of secrets into future prompts? If you cannot get clear answers, do not store credentials or other secrets in this memory; test with non-sensitive notes first.
Like a lobster shell, security has layers — review code before you run it.
