Skillv1.1.0

ClawScan security

Memory Manager Pro (记忆索引管理) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 26, 2026, 1:15 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This is an instruction-only skill that documents and automates creating and maintaining a local markdown-based memory/index structure; its requirements and actions are consistent with that purpose.
Guidance: This skill is internally consistent with its stated purpose, but before installing consider: (1) it will create and edit files under workspace/projects/ and memory/ — back up important data or restrict the workspace directory; (2) examples use vague 'edit' steps that grant the agent discretion to write content — review generated files after first runs; (3) the '索引更新服务' is an interface contract in documentation (there is no network listener provided) — inter-skill calls rely on the platform's skill-invocation mechanisms and do not introduce new network endpoints; (4) if you prefer manual control, disable autonomous invocation or limit the skill's usage until you verify its behavior on a disposable workspace; and (5) no credentials or external URLs are requested by this skill, which reduces exfiltration risk.

Purpose & Capability: okName and description match the actual behavior: creating/reading/updating markdown index files and project directories. No unrelated credentials, binaries, or network hosts are requested.
Instruction Scope: noteSKILL.md contains explicit file-system operations (mkdir, touch, grep examples), templates, and workflows for reading and writing files under workspace/projects and memory/. Examples use vague steps like 'edit' and '传递必要文件，执行任务' which give the agent discretionary write/edit actions. This is expected for a local indexing/task-management skill but you should be aware it will create and modify files in your workspace.
Install Mechanism: okNo install spec or downloaded code — instruction-only skill. Nothing is written to disk by an installer; the only writes are those the agent will perform at runtime per the instructions.
Credentials: okThe skill requests no environment variables, credentials, or config paths. All declared operations are local file/directory work consistent with the stated purpose.
Persistence & Privilege: okalways:false and default autonomous invocation are used. The skill does not request persistent platform-level privileges or modify other skills' configs. Autonomous invocation is normal — consider access controls if you allow agents to act without supervision.