Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Memory Hygiene

v1.0.0

Audit, clean, and optimize Clawdbot's vector memory (LanceDB). Use when memory is bloated with junk, token usage is high from irrelevant auto-recalls, or setting up memory maintenance automation.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description match the instructions: commands reference Clawdbot-specific tools/paths (memory_store, memory_recall, ~/.clawdbot/memory/lancedb/, gateway actions). This is coherent for a memory maintenance skill. However, the guidance to store 'accounts, credentials locations, contacts' is questionable and conflicts with the 'Never store: OAuth URLs or tokens' note; storing credential locations is not clearly necessary for a hygiene tool and increases risk.
[!] Instruction Scope
SKILL.md instructs destructive actions (rm -rf ~/.clawdbot/memory/lancedb/) and restarting the gateway, reading/parsing local files (MEMORY.md), and adding a monthly cron job that will perform the wipe+reseed automatically. These are in-scope for maintenance but are high-impact operations (data loss risk) and the cron makes the behavior persistent. The file also advises storing potentially sensitive items (accounts/credential locations), which expands scope to sensitive data collection/storage.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest installer risk. Nothing is downloaded or written by an installer step in the package itself.
[!] Credentials
The skill declares no required credentials or env vars (good), but its content explicitly encourages storing 'accounts, credentials locations' in vector memory. Asking users to persist credential-related information in memory is disproportionate to a maintenance task and increases attack surface / leakage risk; the guidance is internally inconsistent with the 'Never store OAuth URLs or tokens' line.
[!] Persistence & Privilege
While the skill itself is not always:true, the instructions recommend creating a recurring cron job that will automatically wipe and reseed memory monthly. That establishes persistent, scheduled destructive behavior on the host — a meaningful privilege/risk that should be intentionally authorized and tested before deployment.
What to consider before installing
Before using/installing:

1) Treat the rm -rf instruction as destructive: back up your LanceDB directory and test the wipe/reseed on a non-production instance first.
2) Do NOT store secrets (API keys, tokens, passwords) in vector memory. The SKILL.md contradicts itself by suggesting you store 'credentials locations'; avoid storing any credentials, or pointers to them, that could enable later exfiltration.
3) Review and limit the cron job: prefer manual or carefully permissioned automation, confirm the cron runs under a non-privileged account, and confirm the command does exactly what you expect.
4) Verify that the gateway actions/CLI referenced (gateway action=config.patch, memory_store, memory_recall, clawdbot gateway restart) exist and behave as documented in your environment.
5) Confirm the source/repo and author before trusting automated maintenance (the package lists a homepage but 'Source: unknown'); review the GitHub repo and commit history.
6) If you accept the automation, add logging and alerting for maintenance runs and keep backups to avoid irreversible data loss.
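Items 1, 3 and 6 above amount to one requirement: never let a scheduled job run the bare rm -rf. The script below is an added example, not ClawHub's scan output and not code from the Memory Hygiene skill's SKILL.md. It wraps the wipe so that the directory is archived and the archive verified before anything is deleted, refuses to run as root unless explicitly overridden, logs every action, and prunes old backups so they do not become the next source of bloat. The default path is the one the listing references; MEMORY_DIR, BACKUP_DIR, LOG_FILE, ALLOW_ROOT, guarded_wipe and prune_backups are names chosen for this example.

```shell
#!/bin/sh
# Added example, not code from ClawHub or from the Memory Hygiene skill:
# a guarded stand-in for a bare "rm -rf ~/.clawdbot/memory/lancedb/".
# It backs the directory up, verifies the archive, only then deletes,
# refuses to run as root unless ALLOW_ROOT=1, and logs every action.
# MEMORY_DIR, BACKUP_DIR, LOG_FILE and ALLOW_ROOT are names chosen for
# this example; the default path is the one the skill listing references.

MEMORY_DIR="${MEMORY_DIR:-$HOME/.clawdbot/memory/lancedb}"
BACKUP_DIR="${BACKUP_DIR:-$HOME/.clawdbot/memory/backups}"
LOG_FILE="${LOG_FILE:-$HOME/.clawdbot/memory/hygiene.log}"
ALLOW_ROOT="${ALLOW_ROOT:-0}"

# Append a UTC-timestamped line to the maintenance log.
log() {
    mkdir -p "$(dirname "$LOG_FILE")"
    printf '%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$*" >> "$LOG_FILE"
}

# Back up MEMORY_DIR, verify the archive, then remove the directory.
# Prints the archive path on success. Returns 1 if refused or the backup
# could not be produced; the original data is never touched in that case.
guarded_wipe() {
    if [ "$(id -u)" -eq 0 ] && [ "$ALLOW_ROOT" != 1 ]; then
        log "refused: running as root (set ALLOW_ROOT=1 to override)"
        return 1
    fi
    if [ ! -d "$MEMORY_DIR" ]; then
        log "nothing to do: $MEMORY_DIR does not exist"
        return 0
    fi
    mkdir -p "$BACKUP_DIR"
    archive="$BACKUP_DIR/lancedb-$(date -u +%Y%m%dT%H%M%SZ).tar.gz"
    # Archive relative to the parent directory so it restores in place.
    if ! tar -czf "$archive" -C "$(dirname "$MEMORY_DIR")" "$(basename "$MEMORY_DIR")"; then
        log "backup failed, not wiping"
        rm -f "$archive"
        return 1
    fi
    # Read the archive back before destroying the only other copy.
    if ! tar -tzf "$archive" >/dev/null; then
        log "backup unreadable, not wiping"
        return 1
    fi
    rm -rf "$MEMORY_DIR"
    log "wiped $MEMORY_DIR after backup to $archive"
    printf '%s\n' "$archive"
}

# Keep only the newest N backups so the backup directory does not become
# the next source of bloat. Defaults to 6 (half a year of monthly runs).
prune_backups() {
    keep="${1:-6}"
    ls -1t "$BACKUP_DIR"/lancedb-*.tar.gz 2>/dev/null \
        | tail -n +"$((keep + 1))" \
        | while read -r old; do
            rm -f "$old"
            log "pruned $old"
        done
}
```

Run it from cron under the same unprivileged account the gateway runs as, and only chain the reseed and gateway-restart steps the SKILL.md describes after guarded_wipe returns 0 (a failed backup must abort the run, not proceed to reseed an empty store). Point your alerting at the log file so a "refused" or "not wiping" line is noticed rather than silently skipped month after month.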

Like a lobster shell, security has layers — review code before you run it.

latest · vk972d37mvfxy7kxe7my67z4y5n803e1g

