v1.0.2

Memory Hygiene

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:52 AM.

Analysis

The skill is purpose-aligned, but it includes destructive memory wiping and a persistent monthly maintenance job that should be reviewed carefully before use.

Guidance: Install or use this only if you intentionally want an agent-accessible memory maintenance workflow. Do not enable the monthly cron job or run the wipe command unless you are comfortable deleting and rebuilding the vector memory; make a backup first and avoid storing secrets or exact credential locations in memory.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
rm -rf ~/.clawdbot/memory/lancedb/

The skill provides a destructive shell command to delete the entire LanceDB vector memory directory. This is aligned with the cleanup purpose, but it is high-impact and lacks explicit confirmation, backup, or recovery guidance.

User impact: Using the wipe flow could permanently remove the agent's stored vector memories and affect future recall behavior.
Recommendation: Only run the wipe after explicitly deciding to reset memory; back up the directory first and verify the exact path before deletion.

Rogue Agents
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
cron action=add job={
  "name": "memory-maintenance",
  "schedule": "0 4 1 * *",
  "text": "Monthly memory maintenance: 1) Wipe ~/.clawdbot/memory/lancedb/ 2) Parse MEMORY.md 3) Store key facts to fresh LanceDB 4) Report completion"
}

The skill directs creation of a persistent scheduled job that repeatedly wipes and reseeds memory. Persistent automation is disclosed and purpose-related, but it is not clearly bounded with approval, stop/removal instructions, backup, or failure containment.

User impact: If enabled, the agent may continue altering persistent memory every month, including deleting existing memories, even after the initial setup is forgotten.
Recommendation: Create the cron job only with explicit user approval, document how to list and remove it, and add safeguards such as backups, dry-run reporting, and confirmation before destructive steps.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
✅ Store:
- User preferences ...
- Important facts (accounts, credentials locations, contacts)

The skill intentionally manages persistent memory and recommends storing account details, credential locations, and contacts. It also warns not to store OAuth URLs or tokens, so the behavior is disclosed, but the retained facts may still be sensitive and may later be auto-recalled.

User impact: Sensitive account or credential-location hints could be surfaced in future memory recalls or reused in later tasks.
Recommendation: Avoid storing secrets or precise credential locations unless necessary; review MEMORY.md and memory entries before reseeding, and keep auto-recalled memory scoped to non-sensitive facts.