Back to skill
Skillv1.0.0
ClawScan security
Memory Management (PARA) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 2, 2026, 3:57 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, scope, and requested access are coherent with its stated purpose: it reads, distills, archives, and updates local OpenClaw workspace memory files and performs no external network activity or unrelated credential access.
- Guidance
- This skill is coherent for local memory maintenance but will read, update, archive, and delete files in ~/.openclaw/workspace. Before installing: (1) back up your workspace (especially raw memory/YYYY-MM-DD.md files), (2) run the skill in a dry-run or test workspace to confirm routing/merge behavior, (3) review and approve the SOP for deletion/archival semantics, and (4) consider restricting autonomous runs (use manual triggers or schedule with monitoring) if you need to review changes before originals are removed. There are no signs of external data exfiltration or unexpected credential requests in the provided files.
Review Dimensions
- Purpose & Capability
- okName/description (memory distillation using Root+PARA) match the runtime instructions: the skill reads from ~/.openclaw/workspace/memory/, extracts items, and updates USER.md, SOUL.md, TOOLS.md, IDENTITY.md, PROJECTS.md, AREAS.md, RESOURCES.md and MEMORY.md. All requested actions are consistent with a local memory-management tool.
- Instruction Scope
- noteSKILL.md explicitly directs reading, merging, appending to archive files, and deleting processed raw logs in ~/.openclaw/workspace. These actions are in-scope, but deletion of originals is destructive — the SOP requires append-then-delete; users should understand this will modify and remove raw logs after processing.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. Nothing is downloaded or written to disk by an installer, minimizing install-time risk.
- Credentials
- okThe skill declares no environment variables, no credentials, and no external endpoints. It only requires local filesystem access to the OpenClaw workspace, which is proportionate to its function.
- Persistence & Privilege
- okalways is false (default). The skill can be invoked by the agent normally; it does not request permanent/global privileges or modify other skills. Autonomous invocation is platform default but not unusually privileged here.