Skillv1.0.0

ClawScan security

ActingWeb Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 2, 2026, 10:24 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements, instructions, and helper script are coherent with a personal memory integration and do not request unrelated credentials or network endpoints.
Guidance: This skill appears to do exactly what it says: talk to an ActingWeb MCP server to read and write long-term memories. Before installing, confirm you trust the MCP endpoint (https://ai.actingweb.io/mcp). If you will run the manual OAuth helper: (1) inspect scripts/manual-oauth.sh yourself — it registers a dynamic OAuth client and writes access/refresh tokens (and client info) into ~/.mcporter/credentials.json; (2) be prepared to install mcporter and the local tools the script requires (curl, python3, node, openssl); (3) understand that the assistant may be allowed to consult shared memories and remote actions — ask how shared categories/connections are restricted in your dashboard. If you do not want the assistant to access or update long-term memory autonomously, do not enable implicit invocation or avoid installing the MCP credentials.

Review Dimensions

Purpose & Capability: okThe name/description claim a persistent personal memory integration via an ActingWeb MCP server; the agent manifest and SKILL.md consistently reference an MCP at https://ai.actingweb.io/mcp and provide memory tool calls (search, save, get, etc.). Nothing requested by the skill (no unrelated env vars or config paths) conflicts with this purpose.
Instruction Scope: okSKILL.md limits runtime behavior to searching, saving, updating, deleting, and using context builder/remote actions via the declared MCP tools. It instructs searching before replying and to confirm destructive actions; it does not instruct reading unrelated local files, exfiltrating arbitrary data, or calling third-party endpoints outside the ActingWeb domain.
Install Mechanism: noteThe skill is instruction-only with no package install spec. It includes a helper script (scripts/manual-oauth.sh) to perform a PKCE OAuth flow against ai.actingweb.io and write tokens to mcporter's vault (~/.mcporter/credentials.json). This is expected for headless OAuth but requires local tools (curl, python3, node, openssl, mcporter) and will write credentials to disk — review the script before running.
Credentials: okThe skill declares no required environment variables and only needs user OAuth tokens for the ActingWeb MCP (as described). The script and docs request authentication to the stated ActingWeb endpoint; there are no requests for unrelated service credentials or broad system secrets.
Persistence & Privilege: notealways:false (not force-installed). The manifest allows implicit invocation (allow_implicit_invocation: true) which is normal for skills — however, because this skill accesses long-term personal memory, autonomous invocation is sensitive: consider whether you want the assistant to consult or modify memory without an explicit user prompt.