Skillv0.1.0

ClawScan security

Mnemo Cortex · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

SuspiciousApr 29, 2026, 11:59 PM

Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary: The skill's purpose (local persistent memory) matches the instructions, but there are important mismatches and missing declarations (undeclared environment variables and unstated credential needs) and the runtime instructions direct installing and running third‑party code from GitHub — review before installing.
Guidance: This skill appears to be what it claims (a local persistent-memory integration) but has important gaps you should verify before installing: (1) Inspect the GitHub repository code (especially setup and the server) before running pip install or starting the service. (2) Expect the installer or integrations to require environment variables like MNEMO_URL and MNEMO_AGENT_ID and possibly API keys for model providers — the registry does not declare these, so prepare to provide them and only give minimal scopes/secrets. (3) Because the install runs a local HTTP server and changes agent config files, consider installing in an isolated environment (container or VM) or at least back up any agent config files before applying changes. (4) Verify network and firewall exposure for the server (listens on localhost:50001 by default) and confirm you trust the upstream GitHub owner. If you want stronger assurance, ask the publisher to update the skill metadata to list required env vars/credentials and a formal install spec, or provide a signed release URL you can audit.

Review Dimensions

Purpose & Capability: noteThe name/description (install and wire Mnemo Cortex for persistent memory) aligns with the runtime steps (clone repo, pip install, start a local server, wire host integrations). Requiring git and python3 is reasonable. The declared requirement of node is plausible (UI/integrations) but not justified in the instructions — minor mismatch but explainable.
Instruction Scope: concernSKILL.md instructs the agent/operator to clone a GitHub repo, create a venv, pip install the package, run a local server, and modify host agent config (openclaw mcp set, mcp.json, etc.). Those actions are within the stated purpose but the instructions reference environment variables (MNEMO_URL, MNEMO_AGENT_ID) and interactive wizard steps (picking model providers) that imply additional secrets/credentials or config changes — yet no env vars/credentials are declared in the registry metadata. The skill also instructs modifying host agent configuration, which is expected for integration but should be highlighted to users.
Install Mechanism: noteThere is no registry install spec; the SKILL.md directs cloning from a GitHub repo and running pip install -e ., which will write and execute third‑party code locally. The source is a GitHub repo (not an arbitrary host), lowering some risk, but installing code from upstream and running a local server is moderate-risk and should be reviewed before execution.
Credentials: concernThe registry declares no required environment variables or credentials, but the instructions repeatedly reference MNEMO_URL and MNEMO_AGENT_ID and mention an interactive 'pick model providers' wizard (which likely needs provider API keys). Those variables/keys are not declared in requires.env or primaryEnv — an inconsistency that could lead to surprise credential requests or misconfiguration. This is the clearest proportionality issue.
Persistence & Privilege: noteThe skill does not request always:true and is user-invocable (normal). It does instruct installing a persistent local server and modifying host integration settings (mcp.json, openclaw config), which is expected for this type of integration but means the skill will have ongoing presence and could affect agent behavior — users should review changes before applying them.