Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description describe cross‑session memory lookup and sync; the skill only references local session listing/history tools and local memory files (~/.openclaw/...), which are exactly what this purpose needs. The small index.js is a harmless placeholder.
Instruction Scope
SKILL.md instructs reading local session JSONL files, using sessions_list/sessions_history, grep/find, and writing memory/*.md — all consistent with the stated function. It documents user confirmation before reads/writes and repeatedly emphasizes manual trigger and privacy constraints. Note: the enforcement of prompts is instructional text; verify at runtime that the agent indeed prompts before executing reads/writes.
Install Mechanism
No install spec and no network downloads. Instruction‑only skill with a tiny placeholder JS file: low installation risk.
Credentials
The skill declares no env vars, no credentials, and asks for no external tokens. The operations are local file reads/writes; this is proportionate to the described functionality.
Persistence & Privilege
always:false and user‑invocable:true. The skill does not request permanent elevated presence or modify other skills or system settings. It writes to memory files only after user confirmation per the documentation.
Assessment
This skill appears coherent and low risk, but before installing: (1) confirm that the agent runtime actually prompts and waits for explicit user confirmation before any session read/write (the SKILL.md is an instruction that must be respected at runtime); (2) inspect your memory files (memory/, MEMORY.md) and session directories to ensure they don't already contain secrets; (3) test the skill in a safe account to observe exactly which files it reads/writes; (4) if you are concerned about autonomous agent actions, keep an eye on agent audit logs or restrict agent permissions to the .openclaw workspace. If any behavior deviates from the documented manual‑trigger flow, treat it as suspicious and revoke the skill.Like a lobster shell, security has layers — review code before you run it.
explicitvk9794e5aqbtyenqhmcgrc3k3h183p1yelatestvk97djzbawxhe9qvqn26zmebhvh83ptzwmanualvk9794e5aqbtyenqhmcgrc3k3h183p1ye
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🔄 Clawdis