Customer Memory
Advisory. Audited by VirusTotal on Apr 16, 2026.
Overview
Type: OpenClaw Skill
Name: customer-memory
Version: 1.0.0

The skill is designed to send sensitive customer data (emails, interaction history, and preferences) to an external Supabase endpoint (xkjkwqbfvkswwdmbtndo.supabase.co). This is consistent with its stated purpose of providing 'persistent memory', but the base URL is a hardcoded Supabase project URL rather than a domain belonging to the service it names, 'BlueColumn'. The skill gives a reviewer no way to confirm that this project is operated by BlueColumn, so it cannot be established who actually receives the data, and the design carries a significant data exfiltration risk. The instructions in SKILL.md and references/api.md explicitly direct the agent to log PII and conversation summaries to this third-party infrastructure.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Note 1: Delegated BlueColumn API key
Impact: If the key is exposed or over-scoped, someone could access or modify the BlueColumn memory associated with that account.
Detail: The skill requires a bearer API key for BlueColumn. This is expected for the integration, but it is delegated account authority and should be handled as a secret.
Evidence: Read `TOOLS.md` for the BlueColumn API key (`bc_live_*`).
Recommendation: Use a dedicated least-privilege BlueColumn key if available, keep it out of chat transcripts and logs, and rotate it if it may have been exposed.
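The recommendation above is easier to follow with a concrete pattern. The following is an added example written for this advisory; it is not the skill's or BlueColumn's own code. It loads the `bc_live_*` key from TOOLS.md without echoing it, refuses to persist a summary that itself contains a credential (the memory lives on a third-party backend, so a key stored there would leak there too), and scrubs the key from anything headed for a transcript or log. The TOOLS.md content, the transcript line and the key value are constructed; the shape of the `/agent-remember` request (a `tag` plus `summary` JSON body) is an assumption, because the page does not document it.

```python
"""Handling the BlueColumn bearer key as a secret on the agent side.

Added example for this advisory, not the skill's or BlueColumn's code.
TOOLS_MD, the key value and the transcript line are constructed; the
/agent-remember body shape is assumed.
"""
import json
import re

# Assumption: live keys are the advisory's quoted prefix plus an opaque suffix.
KEY_RE = re.compile(r"\bbc_live_[A-Za-z0-9]{8,}\b")
# Plain-text "Authorization: Bearer <value>" as it would appear in a transcript.
BEARER_RE = re.compile(r"(?i)(authorization:\s*bearer\s+)\S+")

# Constructed TOOLS.md; the key is a made-up value.
TOOLS_MD = "BlueColumn API key: bc_live_ABCDEFGHijkl0123\n"


def load_key(tools_md):
    """Parse the key out of TOOLS.md once and return it; never log the result."""
    m = KEY_RE.search(tools_md)
    if m is None:
        raise ValueError("no BlueColumn key found in TOOLS.md")
    return m.group(0)


def redact(text):
    """Replace bearer values and bc_live_ keys before text is stored or logged."""
    text = BEARER_RE.sub(r"\1[REDACTED]", text)
    return KEY_RE.sub("bc_live_[REDACTED]", text)


def build_remember_request(key, customer_email, summary):
    """Assemble the /agent-remember call (assumed shape) and guard the payload:
    a summary that contains a credential must not be persisted remotely."""
    if KEY_RE.search(summary) or BEARER_RE.search(summary):
        raise ValueError("summary contains a credential; refusing to store it")
    headers = {"Authorization": f"Bearer {key}", "Content-Type": "application/json"}
    body = json.dumps({"tag": customer_email, "summary": summary})
    return headers, body


def loggable(headers, body):
    """What may go into a log: the Authorization value is dropped outright and
    the whole record is run through redact() as a second line of defence."""
    safe_headers = {k: ("[REDACTED]" if k.lower() == "authorization" else v)
                    for k, v in headers.items()}
    return redact(json.dumps({"headers": safe_headers, "body": json.loads(body)}))


if __name__ == "__main__":
    key = load_key(TOOLS_MD)
    # Constructed transcript line in which the agent echoed its own header.
    print(redact("agent> calling API with Authorization: Bearer bc_live_ABCDEFGHijkl0123"))
    h, b = build_remember_request(key, "ana@example.com", "Prefers email over phone.")
    print(loggable(h, b))
```

The payload guard matters more than it looks: the skill's own flow stores a free-text summary of each interaction, and nothing else prevents a customer pasting a key into chat from having that key written into BlueColumn's backend under their email tag.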
Note 2: Persistent customer memory
Impact: Future agent responses may be influenced by stored customer records, including personal details or inaccurate historical notes.
Detail: The skill intentionally creates persistent customer memory tied to identifiers such as email addresses. This is central to its purpose, but retained memory can contain sensitive, stale, or incorrect customer information.
Evidence: After interaction → store summary via `/agent-remember`; store key preferences via `/agent-note` with customer email tag.
Recommendation: Store only necessary customer data, avoid secrets or highly sensitive personal data, and establish review, correction, and deletion procedures.
Note 3: External data boundary
Impact: Customer interaction data leaves the local agent environment and is stored or processed by BlueColumn's managed backend.
Detail: Customer memory data and the authorization header are sent to an external managed API endpoint. The destination is disclosed and purpose-aligned, but it is still a data boundary users should understand.
Evidence: **Base URL:** `https://xkjkwqbfvkswwdmbtndo.supabase.co/functions/v1`
Recommendation: Verify the BlueColumn endpoint and privacy terms before use, and ensure customer data sharing complies with your organization's policies.
Note 4: Limited provenance
Impact: Users have less registry-level provenance information to confirm who published the skill and whether the endpoint is the intended provider.
Detail: The registry metadata does not provide a source repository or homepage, even though the skill depends on an external service endpoint. There is no install code, so this is a provenance note rather than evidence of malicious behavior.
Evidence: Source: unknown; Homepage: none
Recommendation: Verify BlueColumn and the listed API endpoint independently before installing or sending production customer data.
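The endpoint check that Note 3 and Note 4 ask for can be made mechanical. The following is an added example written for this advisory; it is not ClawScan's scanner and not OpenClaw or BlueColumn code. It pulls every URL out of SKILL.md-style text, classifies each host as a domain the vendor is known to control, a shared managed platform where anyone can host an endpoint, or unknown, and lists the lines that tell the agent to handle a credential. `SKILL_MD` is constructed from the instructions this advisory quotes; `VENDOR_DOMAINS` and `MANAGED_PLATFORMS` are assumptions, since the page does not give BlueColumn's real domains.

```python
"""Static endpoint and credential review of an agent skill's markdown.

Added example for this advisory; not ClawScan's scanner or any
OpenClaw/BlueColumn code. SKILL_MD is constructed from the quoted
instructions; VENDOR_DOMAINS and MANAGED_PLATFORMS are assumptions.
"""
import re
from urllib.parse import urlsplit

# Constructed sample; the Base URL and key-prefix lines are the ones the advisory quotes.
SKILL_MD = """\
# customer-memory

Read `TOOLS.md` for the BlueColumn API key (`bc_live_*`).
Send it as `Authorization: Bearer <key>` on every request.

**Base URL:** `https://xkjkwqbfvkswwdmbtndo.supabase.co/functions/v1`

After interaction -> store summary via `/agent-remember`;
store key preferences via `/agent-note` with customer email tag.
"""

# Assumption: domains the vendor is believed to own. Populate this from the
# vendor's published documentation, never from the skill under review.
VENDOR_DOMAINS = {"bluecolumn.com"}

# Assumption: multi-tenant platforms where any customer can host an endpoint,
# so the host name alone does not prove who operates it.
MANAGED_PLATFORMS = {"supabase.co", "vercel.app", "workers.dev", "ngrok.app"}

URL_RE = re.compile(r"https?://[^\s`'\")<>]+")
CREDENTIAL_RE = re.compile(r"(?i)\b(api key|bearer|token|secret|password)\b")


def extract_urls(text):
    """Return the distinct URLs in text, in order of first appearance."""
    seen = []
    for m in URL_RE.finditer(text):
        if m.group(0) not in seen:
            seen.append(m.group(0))
    return seen


def classify_host(host, vendor_domains=VENDOR_DOMAINS):
    """'vendor' if the host is under a known vendor domain, 'managed-platform'
    if it is under a shared hosting suffix, otherwise 'unknown'."""
    host = host.lower()
    for domain in vendor_domains:
        # Exact match or a true subdomain; "notbluecolumn.com" must not pass.
        if host == domain or host.endswith("." + domain):
            return "vendor"
    # The last two labels are enough for the platforms listed above.
    if ".".join(host.split(".")[-2:]) in MANAGED_PLATFORMS:
        return "managed-platform"
    return "unknown"


def review_skill(text, vendor_domains=VENDOR_DOMAINS):
    """Summarise the data boundary a skill creates and what still needs
    out-of-band verification."""
    endpoints = []
    for url in extract_urls(text):
        host = urlsplit(url).hostname or ""
        endpoints.append({"url": url, "host": host,
                          "class": classify_host(host, vendor_domains)})
    credential_lines = [ln.strip() for ln in text.splitlines()
                        if CREDENTIAL_RE.search(ln)]
    # Anything not verifiably the vendor's must be confirmed with the vendor directly.
    needs_verification = [e["url"] for e in endpoints if e["class"] != "vendor"]
    return {"endpoints": endpoints,
            "credential_lines": credential_lines,
            "needs_verification": needs_verification}


if __name__ == "__main__":
    report = review_skill(SKILL_MD)
    for e in report["endpoints"]:
        print(f"{e['class']:16} {e['host']}")
    for line in report["credential_lines"]:
        print("credential instruction:", line)
    for url in report["needs_verification"]:
        print("verify with vendor before sending customer data:", url)
```

Run against the sample, the Supabase project host is classified as a managed platform rather than as BlueColumn, and the base URL lands in the verification list. That is exactly the situation this advisory describes: a plausible endpoint whose operator cannot be confirmed from the skill itself, so the confirmation has to come from the vendor, not from the artifact.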
