Back to skill
Skillv1.0.0
ClawScan security
Memory Setup 1.0.0 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
SuspiciousMar 5, 2026, 8:21 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions match its stated purpose (setting up persistent memory) but they reference API keys and config edits that the metadata does not declare and recommend a third-party provider ('voyage') without provenance — review where keys and memory files will be sent before installing.
- Guidance
- This skill appears to do what it says (configure persistent memory), but it references external API keys and edits config files without declaring those secrets in the metadata. Before following instructions or providing keys: 1) Verify what 'voyage' is (official site, privacy terms, where embeddings go). 2) Prefer the 'local' provider if you don't want data sent to third parties. 3) Do not paste API keys into shared files or public repos; store them in a secure place. 4) Back up ~/.clawdbot/clawdbot.json and workspace memory files before editing. 5) Be mindful that MEMORY.md and daily logs may contain sensitive data — assess privacy risk of indexing them. If you need higher assurance, ask the skill author for provenance of the 'voyage' provider and update the skill metadata to declare required env vars before use.
Review Dimensions
- Purpose & Capability
- okName and description align with the instructions: the SKILL.md describes enabling memorySearch, creating MEMORY.md and memory/ files, and configuring the agent. The operations and files it asks you to create/edit are coherent with a memory-setup task.
- Instruction Scope
- concernThe instructions explicitly tell users/agents to edit ~/.clawdbot/clawdbot.json (or moltbot.json), workspace files, and to run 'clawdbot gateway restart'. They also reference runtime actions for agents (memory_search, memory_get). These are within scope, but the SKILL.md also mentions environment variables (VOYAGE_API_KEY, OPENAI_API_KEY) that are not declared in the skill metadata — the skill instructs the agent/user to set secrets without declaring them. That mismatch should be noted before granting access or following the instructions.
- Install Mechanism
- okThis is an instruction-only skill with no install spec and no code files, so it does not download or write executables. That minimizes installation risk.
- Credentials
- concernThe SKILL.md recommends setting VOYAGE_API_KEY and OPENAI_API_KEY (and suggests using a third-party 'voyage' provider) but the skill's metadata lists no required environment variables or primary credential. The instructions therefore expect secrets that the registry metadata doesn't declare. This is a transparency gap and increases risk because the skill may prompt you to create/store API keys for an external provider.
- Persistence & Privilege
- okThe skill does not request always:true and does not modify other skills' configs. It only instructs how to edit user config files and workspace files, which is expected for a setup guide. Autonomous invocation is allowed by default, but there is no indication this skill needs permanent elevated presence.