ClawHub

Snail Mail

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence
ASI06: Memory and Context Poisoning
What this means

Important notes, links, and potentially sensitive event details can remain on disk and be shown again in later inbox renders.

Why it was flagged

The skill deliberately persists inbox entries locally and may fall back to the home directory if the workspace variable is absent.

Skill content
Messages stored in `{workspace}/inbox/messages.json`... `OPENCLAW_WORKSPACE` — base directory for inbox storage (defaults to `$HOME`)
Recommendation

Use it only if you want persistent local message storage; avoid placing secrets in inbox messages and periodically review or archive the inbox.