v1.0.4

Better Memory

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:09 AM.

Analysis

Better Memory mostly matches its stated memory-management purpose, but the reviewed code shows unbounded managed-block markers that could rewrite or remove more workspace memory/rule content than promised.

Guidance: Treat this as a review-before-install skill: back up workspace memory and rule files, verify managed-block markers are present and non-empty, review any generated cron or heartbeat instructions before enabling them, and avoid storing sensitive information you do not want reused later.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: Medium | Status: Concern
scripts/memory_os_common.py
MANAGED_AGENT_BLOCK_START = "" ... MANAGED_MEMORY_BLOCK_START = "" ... pattern = re.compile(re.escape(start) + r".*?" + re.escape(end), re.DOTALL)

The file-editing helper uses delimiter strings to replace or remove managed sections, but the provided source shows empty delimiters. That undermines the stated managed-block boundary for edits to AGENTS.md, MEMORY.md, and HEARTBEAT.md.

User impact: Running install or uninstall could corrupt, duplicate, or remove more workspace rules or memory than intended, affecting future agent behavior.
Recommendation: Before running smart_install or uninstall, verify the package uses non-empty managed-block markers and back up AGENTS.md, MEMORY.md, HEARTBEAT.md, and memory/.

Rogue Agents
Severity: Low | Confidence: High | Status: Note
scripts/emit_cron_template.py
"# 1) Catch-up run: every 2 hours" ... "# 2) Daily L1 -> L2 review" ... "# 3) Weekly L2 -> L3 rollup" ... "# 4) Monthly advisory review report"

The skill generates recurring maintenance commands. The artifact shows this as a cron template rather than automatic cron installation, so it is disclosed and user-enabled.

User impact: If enabled, memory maintenance can run repeatedly and update persistent memory artifacts without being manually started each time.
Recommendation: Review the generated cron template and heartbeat instructions before enabling them, and only schedule the tasks if recurring memory maintenance is desired.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low | Confidence: High | Status: Note
SKILL.md
L1 (native): `memory/YYYY-MM-DD.md` ... L2 (sidecar): `.openclaw-memory-os/l2/{experience,value,standard}.md` ... L3 (native): managed block in `MEMORY.md`

The skill intentionally creates persistent raw memories, summaries, and rollups that can be reused across future tasks.

User impact: Sensitive, incorrect, or maliciously worded memory entries could persist and later influence the agent.
Recommendation: Store only durable information you want reused, review summaries and rollups regularly, and remove or mark stale/conflicted entries when needed.