Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Memoria Memory System
v1.0.0Manages AI assistant long-term memory with layered storage for facts, events, skills, context, and fast indexing, including backup and integrity tools.
⭐ 0· 420·0 current·0 all-time
byCedric@cuilinshen
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description match the included scripts (backup, migrate, rollback, health-check). However the registry metadata claims no required binaries/env, while SKILL.md and the scripts require Bash, jq, and tar — a metadata omission that reduces clarity about runtime needs.
Instruction Scope
Runtime instructions direct the agent (or user) to run shell scripts that perform file-system mutations (mkdir, cp, rm -rf, tar extraction, find -delete). The scripts accept --path arguments and read config.json; there is no path sanitization or safety checks, so a mis-set config or malicious/erroneous argument could overwrite or extract into arbitrary directories (e.g., dirname of MEMORY_PATH). Rollback uses rm -rf on MEMORY_PATH and extracts archives relative to dirname(MEMORY_PATH), which can be destructive if MEMORY_PATH is configured incorrectly.
Install Mechanism
There is no network-based install step in the skill manifest (instruction-only install spec). The code files are included in the skill bundle; nothing in the manifest downloads remote archives. This is lower install risk, but the provided scripts will be placed on disk and can be executed by the agent or user.
Credentials
The skill requests no credentials or environment variables. That is appropriate for a local filesystem-oriented memory manager. The SKILL.md does require local tools (bash, jq, tar) which are reasonable for the tasks.
Persistence & Privilege
always:false (normal). The skill can be invoked autonomously by the agent (disable-model-invocation:false), which combined with shell scripts that modify local files increases blast radius: an agent with this skill could create, backup, rollback, or delete the configured memory directory. This is expected for a management tool but worth confirming you trust autonomous actions.
What to consider before installing
This skill appears to implement the stated memory-management features, but review and take precautions before installing: 1) Verify jq, tar and Bash are available, and update the skill metadata to reflect these dependencies. 2) Inspect and edit config.json so memory.base_path and backup.path point to a safe, isolated directory you control (do not leave defaults if running from a high-privilege or home directory). 3) Avoid running rollback with --force or exposing the skill to untrusted agent autonomy until you are comfortable (consider setting disable-model-invocation:true if available). 4) Run memory-backup.sh --dry-run and memory-health-check.sh without --fix first to see actions. 5) Be cautious with cron installation: schedule only after manual verification. 6) If you need stronger safety, request path validation/whitelisting in the scripts (prevent operations outside a sandboxed memory path).Like a lobster shell, security has layers — review code before you run it.
ai-assistantvk972cpyp5xnv6a6nj4decth9kd81xdkqbackupvk972cpyp5xnv6a6nj4decth9kd81xdkqcognitivevk972cpyp5xnv6a6nj4decth9kd81xdkqknowledge-managementvk972cpyp5xnv6a6nj4decth9kd81xdkqlatestvk972cpyp5xnv6a6nj4decth9kd81xdkqlong-term-memoryvk972cpyp5xnv6a6nj4decth9kd81xdkqmemoryvk972cpyp5xnv6a6nj4decth9kd81xdkq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.