Skill v0.1.5
ClawScan security
Aura for OpenClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 1, 2026, 4:51 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with its stated purpose (local compilation of documents and a 3‑tier memory); nothing in the package itself requests unrelated credentials or network access, but you should still review the external dependency (auralith-aura) and be cautious about storing sensitive secrets in persistent memory files.
- Guidance: This skill appears to do what it says: compile local documents into .aura archives and provide a persistent 3‑tier memory, all via a small set of helper scripts that call the external 'auralith-aura' library. Before installing or using it, consider: (1) Audit the auralith-aura package (PyPI/GitHub) for any telemetry or unexpected network behavior — SKILL.md claims 'zero network requests' but that applies to the skill's code, not to an external dependency you install. (2) Be cautious which directories you ask the agent to 'learn' — it will read whatever path you provide. (3) Persistent memory is stored on disk (~/.aura/memory) — avoid writing long-lived secrets (API keys, private keys, passwords) into memory unless you know how they are encrypted and protected. (4) If you require strict offline guarantees, inspect the auralith-aura source to confirm it performs no network activity at runtime. If you want a safer deploy: limit file paths provided to the skill, restrict filesystem permissions on ~/.aura, and periodically prune or encrypt memory shards.
Review Dimensions
- Purpose & Capability (ok): Name/description (compile local docs, provide persistent memory) match the included scripts and SKILL.md. The scripts call into an external 'aura' Python package (auralith-aura) to perform compilation and memory operations — that is expected for this skill. There are no unrelated environment variables, binaries, or config paths requested.
- Instruction Scope (note): Runtime instructions tell the agent to run the provided scripts against user-specified directories and .aura files and to write/read memory under ~/.aura/memory. The scripts themselves only do local file I/O and import aura.*; they do not contain network calls. Important operational note: the agent can be asked to compile any directory the user supplies (including sensitive paths) and to write arbitrary strings into persistent memory (including secrets) — that is expected functionality but has privacy implications.
- Install Mechanism (ok): There is no install spec that downloads arbitrary archives. SKILL.md instructs users to pip install the external 'auralith-aura' package (normal for Python). The skill bundle itself contains only small helper scripts and docs; nothing in the package performs remote downloads.
- Credentials (note): The skill declares no environment variables or credentials (appropriate). It does read and write local files (user-provided input directories and ~/.aura/memory). This is proportionate to the stated purpose, but persistent storage means users can accidentally store sensitive secrets; the skill does not declare any secret-handling or encryption behavior.
- Persistence & Privilege (note): always:false (no forced inclusion). The skill stores durable memory shards and WALs under ~/.aura/memory and writes .aura archives to output paths — this is expected. The skill can be invoked autonomously by the agent (platform default). No changes to other skills or system-wide settings are present.
