Memos

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a straightforward Memos API client, but it uses a bearer token and can create public memos or delete existing memos if invoked.

Install only if you trust the configured Memos instance and are comfortable giving the agent a Memos token. Use a least-privilege token if possible, specify PRIVATE or PROTECTED when creating sensitive memos, and double-check deletion requests, especially force deletes.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used carelessly, the agent could create publicly visible memos or delete memo data from the connected account.

Why it was flagged

The skill exposes public-by-default memo creation and destructive deletion, including a force option. This matches the stated purpose, but these are high-impact actions users should invoke deliberately.

Skill content

`create <content> [visibility]` ... `visibility` defaults to `PUBLIC` ... `delete <id> [force]` ... `force` ... delete even if it has associated data.

Recommendation

Specify PRIVATE or PROTECTED for sensitive memos, and confirm memo IDs before any delete or force-delete operation.

What this means

The agent can act on the Memos account within the permissions of the provided token.

Why it was flagged

The skill uses a bearer token to authenticate to the configured Memos instance. This is expected for the integration, but it grants whatever account privileges that token has.

Skill content

`TOKEN = os.getenv("MEMOS_TOKEN")` ... `"Authorization": f"Bearer {TOKEN}"`

Recommendation

Use a dedicated, least-privilege token if Memos supports it, and avoid sharing MEMOS_TOKEN in prompts, logs, or public configuration.

What this means

Private memo contents may be shown to or used by the agent, and untrusted memo text could influence later reasoning if treated as instructions.

Why it was flagged

The get and list operations return stored memo content into the agent context. This is purpose-aligned, but memos may contain private data or instruction-like text.

Skill content

`return _request("GET", f"/api/v1/{memo_id}")` ... `return _request("GET", "/api/v1/memos", params=params)`

Recommendation

Retrieve only memos you intend the agent to see, and treat memo content as user data rather than authoritative instructions.