ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

smart-memory-manager

v1.0.1

Intelligent memory management for agents with short/long-term memory layering, semantic search, auto summarization, RAG enhancement

1· 441·0 current·0 all-time
by@ayalili
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description and the code align: it implements short/long/important memory layers, search, summarization, and save/load persistence. File I/O and simple semantic/keyword search are reasonable capabilities for a memory manager.
!
Instruction Scope
SKILL.md and the API expose load/save with an unrestricted persistPath parameter. The implementation uses Deno.readTextFile to load any path and returns memory contents via list/search/summarize — this enables reading arbitrary files and returning their contents, which is outside a narrow 'memory manager' scope unless the user explicitly chooses safe paths.
Install Mechanism
There is no install spec, but the code imports third-party modules directly from deno.land (zod and std/encoding). That means runtime will fetch remote code from the network; this is normal for Deno but is a supply-chain risk compared with vendored or packaged dependencies.
!
Credentials
The skill requests no env vars, which is proportional, but it performs arbitrary filesystem read/write (Deno.readTextFile / Deno.writeTextFile) with user-supplied paths. If the agent runs with filesystem permissions, the skill can read sensitive local files and then expose them in outputs — a high-risk capability relative to typical memory persistence needs unless paths are restricted.
Persistence & Privilege
The skill is not always-enabled and does not modify other skills. However, because it can persist to arbitrary disk paths and load arbitrary files, installing it in an environment with broad file-system permissions grants it effective persistent access to local data. Consider limiting runtime permissions or paths.
What to consider before installing
This skill appears functionally consistent with a memory manager, but two practical risks deserve attention: (1) It will fetch third-party modules from deno.land at runtime — review and pin/ vendor those dependencies if you want to avoid implicit network-loaded code. (2) The load/save API accepts arbitrary file paths and uses Deno.readTextFile/Deno.writeTextFile; if the agent runtime has filesystem permissions, an attacker or misconfigured agent could read sensitive local files (for example dotfiles, credentials) and return their contents via search/list/summarize. Before installing: ensure your agent runtime is constrained (e.g., run in a sandbox or deny filesystem access), only use safe persistPath locations you control, inspect or vendor the imported deno.land modules, and avoid granting this skill broad autonomous privileges. If you need help limiting its filesystem capabilities or auditing the remote imports, consider code-reviewing and running the skill in an isolated environment first.

Like a lobster shell, security has layers — review code before you run it.

latestvk971srq5fa08s49fqkmgcpqaa582njwq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments