Shared Memory between Lobsters
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Ensue API key could be displayed in terminal output or conversation context during troubleshooting.
The troubleshooting instructions tell the agent/user to print or grep locations that may contain the API key. If the command output is captured in the chat or logs, the credential could be exposed.
echo $ENSUE_API_KEY grep -A2 'ensue-learning-memory' ~/.clawdbot/clawdbot.json
Check only whether a key exists, or mask/redact the value before showing command output. Avoid pasting API keys into chat or logs.
The skill may operate with an Ensue account credential you configured elsewhere.
If ENSUE_API_KEY is not set, the script looks for Ensue credentials in local Claude plugin cache files and later in ~/.clawdbot/clawdbot.json. This is related to the stated provider, but it means the skill may use an existing local credential rather than only a key explicitly supplied for this skill.
key_file="$HOME/.claude/plugins/cache/ensue-learning-memory/ensue-learning-memory/0.2.0/.ensue-key"
if [ -f "$key_file" ]; then
cat "$key_file"Confirm which Ensue API key is being used and revoke or rotate keys that should not be available to this skill.
A mistaken grant could share or allow changes to more memory than intended.
The skill exposes permission-management commands that can grant broad read/write/delete access to memory namespaces. This matches the skill purpose, but it is high-impact authority.
`grant org <action> <pattern>` ... **Actions**: `read`, `create`, `update`, `delete`
Use the narrowest namespace pattern possible, avoid org-wide grants unless necessary, and require explicit user confirmation before permission changes or deletions.
Other users may be able to read or influence shared memory that agents rely on later.
The skill is designed to share persistent memory and subscribe to memory changes. Shared persistent memory can affect future agent context if permissions are too broad or if untrusted users can write to shared namespaces.
Share memories and state with other users ... `subscribe <key>` | Get notified on changes
Share only intended namespaces, separate private/shared/public memory carefully, and review active permissions and subscriptions.