Skill v1.0.0
ClawScan security
Ichiro-Mind · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 7, 2026, 5:04 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill appears internally consistent with its stated purpose (a local 4-layer memory system); requested environment access (OPENAI_API_KEY) and files it writes are proportional to its functionality and there are no obvious incoherent or malicious behaviors in the provided files.
- Guidance: This skill appears to do what it says: a local multi-layer memory system that optionally uses OpenAI embeddings and LanceDB. Before installing, consider:
  1) The skill stores files under ~/.ichiro-mind and creates SESSION-STATE.md in the workspace — inspect or back up any existing files with those names.
  2) It requests your OPENAI_API_KEY; embeddings (if enabled) will send content to OpenAI — avoid storing highly sensitive personal data unless you accept that.
  3) The SKILL.md shows adding an MCP entry to ~/.openclaw/mcp.json so agents can call the service; review any changes you make to that file and only register the MCP server if you trust the skill.
  4) The provided core code appears consistent but part of core/__init__.py is truncated; review the full IchiroMind implementation locally (especially any network calls, cloud-backup behavior, or optional lancedb/openai usage) before granting the OpenAI API key.
  5) If you want extra caution, run the skill in a sandbox or test environment and keep cloud_backup disabled unless you explicitly configure a trusted backup target.
Review Dimensions
- Purpose & Capability (ok): Name/description, config/default.json, SKILL.md, and the code align: the skill implements HOT/WARM/COLD/ARCHIVE layers, uses LanceDB (optional) and OpenAI embeddings (provider set to 'openai' in config). Requesting OPENAI_API_KEY is consistent with the declared embedding provider and the cold layer. Declared plugins (memory-lancedb) match the COLD layer design.
- Instruction Scope (note): Runtime instructions and CLI operate on local files (creates ~/.ichiro-mind, SESSION-STATE.md in workspace, writes daily memory files) and include an example MCP registration (adding an entry to ~/.openclaw/mcp.json). The SKILL.md does not instruct broad system data collection, but the MCP integration enables the agent to call the skill programmatically; users should be aware that stored memories may be sent to the embedding provider if embeddings are enabled.
- Install Mechanism (ok): No automatic install/downloads or external archives; package.json indicates an entrypoint script and optional dependencies (openai, lancedb). The skill is instruction-and-files-only with no network-based installer, so install risk is low.
- Credentials (ok): Only OPENAI_API_KEY is required (declared in SKILL.md metadata and config references). That aligns with using OpenAI embeddings. No unrelated credentials or high-privilege environment variables are requested.
- Persistence & Privilege (note): always is false (not force-included). The skill persists data under ~/.ichiro-mind and may be integrated into MCP by adding an entry to ~/.openclaw/mcp.json (example shown). MCP registration enables autonomous/tool-style invocation by agents (normal for skills) — this increases the blast radius if the agent has sensitive data to process, but it is coherent with the skill's purpose.
