Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Memory Consolidate

v1.0.0

Persistent memory system for OpenClaw agents: reads session logs, extracts facts/decisions/solutions, manages temperature-based lifecycle, and generates MEMO...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the delivered files and runtime steps: scripts parse session logs, classify facts/decisions/solutions, manage temperature lifecycle, and render MEMORY_SNAPSHOT.md. Patching the gateway to inject the snapshot and running a scheduled job are coherent with the stated purpose.
Instruction Scope
Runtime instructions ask you to patch gateway hooks (bootstrap-extra-files) and add a daily cron that runs the consolidation script. The scripts read workspace session logs (memory/*.md and structured JSONL), IDENTITY.md and USER.md, and openclaw.json provider config. That means the skill will access session transcripts and config files; the semantic pipeline will send extracted content to an external LLM provider configured in openclaw.json. There is no explicit redaction policy shown for secrets (API keys, tokens, passwords) that may appear in session logs.
Install Mechanism
No install spec, but the skill bundle includes many Python scripts that are expected to be run in-place from the workspace. No external downloads or opaque installers are present. The lack of an explicit install step means the operator must copy/enable scripts and run commands listed in SKILL.md, which is lower-risk than remote code download but does write/modify gateway config and cron.
Credentials
The skill declares no required env vars, but in practice it reads OPENCLAW_WORKSPACE files (session logs, IDENTITY.md, USER.md) and openclaw.json (provider baseUrl/apiKey). The semantic step uses the configured LLM provider (claude-haiku via 'tui'), so API keys present in openclaw.json will be used to make external calls. The code inspects line text for occurrences of 'token', 'apiKey', etc. and lowers their 'importance' score, but I see no clear redaction/removal of sensitive tokens before storing or sending content to the LLM — this is a potential secret-exfiltration vector.
Persistence & Privilege
The SKILL.md instructs patching gateway configuration so MEMORY_SNAPSHOT.md is injected into every session and adding a daily cron job to run the consolidation script. These are persistent configuration changes that affect all sessions. The skill does not set always:true, but the gateway patch grants system-wide behavior change (context injection) and the cron creates regular autonomous execution — both require explicit user consent and review.
What to consider before installing
This skill appears to do what it claims (consolidate memory and inject a session snapshot) but you should proceed cautiously. Before installing:
1. Review openclaw.json and confirm which LLM provider (baseUrl/apiKey) will be used — the semantic step will send snapshot content to that external service.
2. Inspect your session logs for sensitive data (API keys, tokens, passwords, private channel IDs) because the scripts read session transcripts and there is no clear automatic redaction.
3. Back up current gateway/openclaw.json and only apply the gateway config patch after you accept that MEMORY_SNAPSHOT.md will be injected into every session.
4. Consider testing in a separate/isolated workspace first and run the scripts in dry-run mode to inspect outputs before enabling the cron.
If you want to be safer, remove or sanitize secrets from logs or ensure the provider endpoint is trusted and that you understand data retention/processing by that provider.
