Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Multi Agent Memory
v0.1.0多 agent 共享记忆与项目协作架构。支持项目状态隔离、知识库共享、跨项目搜索、版本控制、里程碑跟踪、周报和交接文档。适用于多个 agent 协作开发多个项目的场景。
⭐ 0· 277·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (multi-agent memory and collaboration) aligns with the included scripts and templates. However, the skill's metadata declares no required config paths or environment variables, while the SKILL.md and scripts clearly expect and manipulate a specific on-disk layout under /root/.openclaw and ~/workspace-<agent> (creating projects, archiving, updating symlinks). The missing declaration of those required paths is an incoherence that affects permission/consent decisions.
Instruction Scope
SKILL.md instructs agents to read and write many local files (context.md, todos.md, status/*.md, knowledge/, archives), run grep/stat/tar/cp/ln/sed and to call the included shell scripts. All operations are local (no external network endpoints), but they give the skill broad read/write scope over the user's ~/.openclaw and project workspaces. The SKILL.md uses commands like 'read /root/.openclaw/...' (which is ambiguous — likely intended cat) and otherwise assumes full access to those paths; that open-ended file access is a security and privacy concern if you don't expect the skill to manage your entire agent workspace.
Install Mechanism
There is no install spec; the package is instruction/script-only plus a package.json. No remote downloads, no extracted archives, and the included scripts are plain shell — low installation risk. The package.json references a GitHub repo, but there is no automated installer pulling code from external URLs.
Credentials
The skill declares no required environment variables or config paths, yet the runtime instructions and scripts expect to read/write specific filesystem locations (e.g., /root/.openclaw/projects, ~/workspace-<agent>/current-project.txt). That disparity means the skill will access local data that was not advertised in its manifests. It does not request credentials or network tokens, and it does not contact external endpoints in the provided code.
Persistence & Privilege
always is false and the skill does not request to be force-enabled. Its behavior is limited to creating and modifying files/directories under the skill/homework tree (~/.openclaw) and project folders; it does not modify other skills' configurations or system-wide agent settings. That level of local persistence is expected for a file-oriented collaboration skill, but should still be consented to explicitly by the user.
What to consider before installing
This skill appears to be a local project/knowledge-file manager (no network exfiltration in the scripts), but it will read and write many files under /root/.openclaw and ~/workspace-<agent> even though the registry metadata does not declare those config paths. Before installing or enabling it: 1) Review the templates directory and scripts (they are plain shell) to ensure no sensitive data will be overwritten. 2) Run the skill in an isolated or non-root environment first (do not give it access to your real /root or production data). 3) If you expect to keep secrets elsewhere, confirm the skill won't read those paths. 4) Note the SKILL.md has small inaccuracies (uses 'read' where 'cat' would be expected) — test the scripts manually. 5) If you need tighter control, ask the author to declare the required config paths in the manifest and to limit file access to a configurable working directory.Like a lobster shell, security has layers — review code before you run it.
latestvk9746km3cy5sr6ye6ax56me3js82knbh
License
MIT-0
Free to use, modify, and redistribute. No attribution required.