Supermemory

Pass: Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: supermemory
Version: 1.0.0

The skill bundle is designed to interact with the SuperMemory API for storing, searching, and chatting with memories. All network calls are directed to the legitimate `api.supermemory.ai` domain, and the `SUPERMEMORY_API_KEY` is explicitly required for authentication. There is no evidence of data exfiltration beyond the intended API interaction, malicious execution, persistence mechanisms, or prompt injection attempts against the agent. While user input is directly embedded into JSON payloads without explicit escaping, this is primarily a robustness concern that could lead to malformed JSON and API errors, rather than a direct security vulnerability like shell injection or data exfiltration in this context.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a user follows the setup, their memories may be stored or searched under an unknown/shared SuperMemory account, exposing data to whoever controls that key and risking abuse or revocation of the leaked credential.

Why it was flagged

The skill requires a SuperMemory bearer key and provides a concrete, real-looking key instead of a placeholder. The registry metadata also reports no primary credential, so users may not get clear credential-boundary visibility.

Skill content
requires":{"env":["SUPERMEMORY_API_KEY"]} ... export SUPERMEMORY_API_KEY="sm_oiZHA2H...wEPe"
Recommendation

Remove and revoke the embedded key, use a placeholder such as "your-api-key", require each user to supply their own key securely, and declare SUPERMEMORY_API_KEY as the primary credential in registry metadata.

What this means

Secrets saved as memories can be sent to SuperMemory, retrieved later into chats or agent context, and exposed if the account, key, or downstream context is compromised.

Why it was flagged

The documentation explicitly recommends storing API credentials as memories in an external persistent knowledge base, with no warning, redaction, retention limit, or confirmation guidance.

Skill content
"Remember that my API key is xyz" → `supermemory add "My API key is xyz" --description "API credentials"`
Recommendation

Do not encourage storing API keys, passwords, tokens, or other secrets. Add clear warnings, redact sensitive values by default, and require explicit user confirmation before saving sensitive content.