ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cross-Platform Memory Bridge

v1.0.0

Injects recent conversations from Telegram and Discord into the OpenClaw gateway session context. Enables the agent to remember and reference cross-platform...

0· 41·0 current·0 all-time
bydan@dq-stack
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the behavior: the bridge reads Telegram and Discord messages from OpenClaw session JSONL logs and local MEMORY.md/daily notes and returns a system context string. That capability legitimately requires filesystem access to session logs and workspace files. Minor mismatch: registry metadata lists no required env vars, but SKILL.md and the code reference OPENCLAW_SESSIONS_DIR and OPENCLAW_WORKSPACE as configurable environment variables (they have sensible defaults in code).
!
Instruction Scope
SKILL.md explicitly instructs you to copy references/memory-bridge.ts into your mission-control codebase and to call getMemoryContext() before gateway calls. The instructions direct the bridge to read session JSONL files and workspace files (MEMORY.md and daily notes) on every gateway request. While this matches the stated purpose, it also means the skill will automatically access potentially sensitive local logs and notes; the documentation does not include any built-in redaction or filtering beyond simple bot-message exclusion and age limits.
Install Mechanism
There is no automated install spec (instruction-only), and the skill includes a single TypeScript file that you must manually copy into your mission-control source. No network downloads or external packages are pulled by the skill. Manual code insertion is lower-risk than automatic downloads, but copying code into mission-control grants it whatever runtime privileges your mission-control process already has — this is an important privilege consideration.
!
Credentials
The skill requests filesystem access to session logs and workspace files (which may contain private conversations, tokens, or other secrets), but declares no credentials. The environment variables mentioned in SKILL.md are used only for configurable paths and have defaults; nonetheless the registry did not advertise them. No network/credential exfiltration is present in the code, but the code's access to local logs is proportionate for the feature and can expose sensitive data if those files contain secrets.
Persistence & Privilege
always:false (default) and autonomous invocation allowed (default). That is normal. The real persistence/privilege impact comes from integrating the code into your mission-control app: once added, it runs inside mission-control and inherits its filesystem/network privileges. The skill does not attempt to modify other skills or global agent settings.
What to consider before installing
This skill appears to do what it claims (pull recent Telegram/Discord user messages and local MEMORY.md/daily notes into agent context) and contains no network exfiltration code, but you should not install it blindly. Before adding it to your mission-control codebase: 1) Review the TypeScript file yourself (or have a developer review) to ensure it meets your redaction/privacy needs. 2) Be aware that copying the file into mission-control gives it the same filesystem and runtime privileges as your server — sensitive session logs and notes will be read and injected into agent context. 3) Consider adding explicit redaction rules (remove tokens, emails, PII) and stricter filters (shorter MAX_MESSAGE_AGE_HOURS, fewer messages) before use. 4) If you keep secrets or tokens in MEMORY.md or session logs, do not enable this in production without additional safeguards or running it in a tightly controlled/staging environment. 5) Note the minor metadata mismatch: SKILL.md references environment variables that the registry did not mark as required—set and audit those variables if you proceed. If you want higher confidence, ask the publisher for provenance (homepage/owner identity) or run the code in a sandboxed instance first.

Like a lobster shell, security has layers — review code before you run it.

contextvk972h5cpe6ytwqcjna1kay4ead83pk6fdiscordvk972h5cpe6ytwqcjna1kay4ead83pk6fgatewayvk972h5cpe6ytwqcjna1kay4ead83pk6flatestvk972h5cpe6ytwqcjna1kay4ead83pk6fmemoryvk972h5cpe6ytwqcjna1kay4ead83pk6fopenclawvk972h5cpe6ytwqcjna1kay4ead83pk6ftelegramvk972h5cpe6ytwqcjna1kay4ead83pk6f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments