Skillv1.0.0

ClawScan security

Personal Memory System Published · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 12, 2026, 1:32 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code and instructions match its stated purpose (syncing a local MEMORY.md into a local SQLite DB) and do not request external credentials or network access, but it uses hard-coded paths and overwrites the DB on each sync so review before enabling.
Guidance: This skill appears to do what it says — local Markdown → SQLite sync — but review and possibly modify it before installing: (1) The script uses absolute, user-specific paths (/home/awu/...), so change them to your workspace path or make them relative to avoid writing to an unexpected location. (2) The script deletes all records and reinserts on each sync; back up your existing memory.db if present and decide whether you prefer incremental updates. (3) Confirm how OpenClaw will trigger the script (heartbeat/autonomous invocation) so you know when syncs run. (4) Because this skill stores personal data locally, check file permissions and backups. If you are not comfortable editing the script, do not enable automatic runs until you verify the paths and behavior.

Review Dimensions

Purpose & Capability: noteName and description claim local-only Markdown→SQLite sync; the included script and SKILL.md implement exactly that. Minor inconsistency: SKILL.md lists memory.db as a required existing file, but the script will create memory.db if missing. The use of absolute, user-specific paths (/home/awu/.openclaw/workspace-work/...) is brittle and surprising for a generic skill.
Instruction Scope: noteInstructions and the script stick to the stated scope: they read MEMORY.md, parse '###' blocks, and write to memory.db. Concerns: (1) both SKILL.md and the script hard-code the same absolute paths, which limits portability and could cause accidental reads/writes if your workspace is elsewhere; (2) the script clears the entire memories table (DELETE FROM memories) and reinserts on each sync, which can lead to data loss or lost metadata if not expected; (3) SKILL.md asserts the script runs on every heartbeat but does not describe how OpenClaw will schedule it—ensure you understand the agent behavior before enabling automatic runs.
Install Mechanism: okNo install spec — instruction-only skill with a small included Python script. No downloads, no external packages, and nothing is written to disk by an installer. Lower installation risk, but review the included script before use.
Credentials: okNo environment variables, credentials, or external config paths are requested. The skill only accesses local files (MEMORY.md and memory.db) consistent with its purpose.
Persistence & Privilege: okalways is false and the skill does not request elevated persistence or modify other skills or global agent config. It can be invoked by the agent (normal behavior) but does not demand permanent inclusion or extra privileges.