ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawGraph

v0.1.3

Automatically store explicit durable user facts and recall them later; do not infer or upgrade weak signals

0· 14·0 current·0 all-time
by@clawgraphai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description describe a persistent memory/knowledge-graph. The required binary (clawgraph) and single env var (OPENAI_API_KEY) are consistent with a tool that uses an LLM-backed extractor and a local CLI. The skill does not request unrelated credentials or surprising binaries.
!
Instruction Scope
SKILL.md instructs the agent to proactively store 'durable' user facts even without an explicit 'remember' command and to 'preserve the user's phrasing'. There are no guardrails about excluding secrets/sensitive PII, requiring explicit user consent, or retention/erasure policies. This means the agent may persist passwords, tokens, medical or financial details, or other sensitive data unless callers add protections.
Install Mechanism
Install spec uses an installer kind labeled 'uv' and package 'clawgraph==0.1.3', producing a clawgraph binary. No direct URL is provided. Writing an unpacked binary to disk is expected for a CLI tool, but 'uv' is an uncommon installer label in public registries—verify the package source/registry and integrity before installing.
Credentials
Only OPENAI_API_KEY is required and is declared as the primary credential, which aligns with the SKILL.md statement that ClawGraph uses OpenAI-compatible models. No unrelated credentials or broad environment access are requested.
Persistence & Privilege
The tool stores data persistently at ~/.clawgraph/data and uses a user config at ~/.clawgraph/config.yaml. always:false (not forced) and autonomous invocation is allowed (platform default). Persistent local storage is expected for a memory skill, but combined with the instruction to auto-store facts, it increases privacy risk; there is no mention of encryption, access controls, or retention.
What to consider before installing
This skill is coherent with a memory/knowledge-graph tool, but it instructs the agent to automatically persist user-provided facts. Before installing: (1) Review the upstream package source (the GitHub homepage) and verify the package comes from a trusted registry and author; (2) Confirm what 'uv' installer is and whether the package will run arbitrary code on your machine; (3) Understand and audit ~/.clawgraph/data and ~/.clawgraph/config.yaml (where data is persisted and how it is protected); (4) Decide and enforce policies to avoid storing secrets or sensitive PII (explicit user consent, redaction rules, and retention/deletion policies); (5) Consider using a test account / sandbox and a rotated OPENAI_API_KEY when evaluating; (6) If you require stronger privacy, request or implement encryption-at-rest and explicit confirm-before-write behavior in the tool or agent instructions.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dr2sp8d6kgny99r65m6ntn984bd3a

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
Binsclawgraph
EnvOPENAI_API_KEY
Primary envOPENAI_API_KEY

Install

Install ClawGraph (uv)
Bins: clawgraph
uv tool install clawgraph==0.1.3

Comments