AOI Triple Memory (Lite)
Pass
Audited by ClawScan on May 10, 2026.
Overview
The skill coherently implements local workspace search and note-template creation, with no evidence of network exfiltration or hidden behavior, but users should notice the workspace file access, persistent notes, and undeclared ripgrep dependency.
This appears safe for normal local use if you intend to let it search the current workspace and create note files under `context/`. Before installing, make sure ripgrep comes from a trusted source, avoid running the skill from directories containing sensitive files you do not want searched, and do not store secrets in generated notes.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search results may expose matching lines from local workspace files to the agent or terminal.
The skill runs the local ripgrep tool with a user-supplied query over the workspace. This matches the stated search purpose, but it is still local tool execution that can return workspace file contents.
const res = spawnSync('rg', ['-n', q, root], { encoding: 'utf8' });
Use the skill only in workspaces you intend to search, and consider adding a `--` separator before the query to avoid ripgrep option ambiguity.
The command may fail or use whatever `rg` binary is already installed on the local system.
The registry requirements declare no binaries, while `skill.js` depends on the external `rg` command. This is not hidden malicious behavior, but the runtime dependency is under-declared.
Required binaries (all must exist): none; Required binaries (at least one): none
Declare ripgrep as a required binary and ensure users install it from a trusted source.
Information written into notes may remain in the project and be reused or searched later.
The skill creates persistent decision-note files inside the workspace. This is expected for a memory/note skill, but stored notes can later influence work or contain sensitive information.
const dir = path.join(root, 'context'); ... fs.writeFileSync(file, body, 'utf8');
Review generated notes before relying on them, avoid storing secrets or private data, and keep the workspace scope limited.
