Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Memory Evolver
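v1.0.2
Memory system optimizer - a continuously self-evolving system that combines three-layer memory with a knowledge graph. Automatically diagnoses, optimizes, and records the state of the memory system to keep the memory evolving.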
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The stated purpose (diagnose/optimize a three-layer memory + knowledge graph) is broadly consistent with index.py which inspects MEMORY.md, PROJECTS.md, daily notes and a knowledge-graph file and writes an optimization log. However SKILL.md and the README-like text claim additional modules (diagnose.py, knowledge_graph.py) and features (KG rebuilding, Feishu reports) that are not present in the bundle. Also the code hardcodes BASE_DIR to C:\Users\Administrator\.openclaw\workspace rather than using a configurable/workspace-relative path — this is unexpected and brittle but not obviously malicious.
Instruction Scope
SKILL.md instructs running the skill and scheduling cron jobs and describes KG rebuild and external reporting, but the actual runtime instructions (index.py) only perform local file checks, plan generation, and append/write to an optimization log. The docs grant broader scope (automatic integration, Feishu/EvoMap) that the code does not implement — this mismatch could indicate an incomplete or misleading package. The script reads and writes files in the user's .openclaw workspace (reads MEMORY.md, PROJECTS.md, memory/*, knowledge_graph/graph.json; writes memory/optimization循环.md) which is within the expected domain for a memory tool but is a persistence surface the user should expect.
Install Mechanism
No install spec, no external downloads, and index.py uses only Python standard library. There is no evidence of code being fetched from external, untrusted URLs or package managers.
Credentials
The skill requests no environment variables or credentials. The code accesses only local filesystem paths (hard-coded BASE_DIR) and does not attempt to read environment variables or network credentials. The lack of declared env requirements matches the code.
Persistence & Privilege
The skill writes a persistent optimization log into the user's workspace and may modify files under .openclaw/workspace/memory. always is false and it does not change other skills' configs, but because it writes to the agent's workspace you should treat it as capable of persistent state changes. Also autonomous invocation is allowed by default (disable-model-invocation false) — while normal, combined with write access this increases impact if the skill later obtains network capabilities.
What to consider before installing
Key points to consider before installing or running:
- The package appears to be incomplete/mismatched: SKILL.md mentions diagnose.py, knowledge_graph.py, KG rebuild and Feishu/EvoMap integrations that are not present in the shipped files. Ask the author for the missing modules or an explanation.
- The script hard-codes BASE_DIR to C:\Users\Administrator\.openclaw\workspace. On other systems this will fail or may target the wrong user's workspace. Prefer a version that uses a configurable path or the runtime agent workspace.
- The skill reads and writes files under your .openclaw workspace (MEMORY.md, PROJECTS.md, memory/*, knowledge_graph/graph.json and writes memory/optimization循环.md). Back up those files before running to avoid accidental overwrites.
- There are no network calls or credential accesses in the current code, which limits immediate exfiltration risk. However the SKILL.md's claim of external reporting (Feishu, EvoMap) suggests future or missing code could add network behavior — treat that as a potential future risk.
- Recommended actions: (1) request clarification or the missing modules from the author; (2) inspect the workspace path and consider modifying the script to use a safe, explicit path or ask for a parameterized version; (3) run in a sandbox or with backups first; (4) avoid scheduling automatic runs until you confirm the implementation matches the documented integrations and there are no external endpoints.

Like a lobster shell, security has layers — review code before you run it.
