Memory Strategy
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This memory skill is coherent, but it asks the agent to permanently store, automatically reload, and auto-write conversation memories, including references to API keys, with limited user control.
Install only if you are comfortable with persistent conversation memory. Before using it, remove any instruction to store API keys, require approval before long-term saves, review the .memory files regularly, and avoid sending sensitive content to the optional Kimi API scorer.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
API keys or other secrets could be saved into memory files and later exposed, reused, or included in future context unintentionally.
The skill explicitly suggests keeping related API keys in core memory, which could place credentials in agent-readable persistent context.
Level 1: 核心记忆 (P0) ├── MEMORY.md - 关键配置段落 └── contacts.md - 相关API密钥
Do not store API keys in memory files. Keep secrets in a dedicated secret manager or environment variables, redact credentials before saving memories, and define exactly which credentials may be referenced.
Incorrect, sensitive, or maliciously phrased information could persist across sessions and influence future agent behavior.
The skill creates persistent long-term memory that is always effective, but the artifacts do not define safeguards for what may be stored, how it is validated, or how future agents should treat it.
双层记忆架构:长期记忆(永久保存)+ 短期记忆(30天衰减) ... 长期记忆(始终生效)
Require explicit confirmation before long-term writes, separate factual memory from instructions, add redaction/exclusion rules, and provide review/delete controls for stored memories.
The agent may save or reorganize conversation content after the user stops interacting, including content the user did not intend to preserve.
The skill describes autonomous memory整理 and file writes after inactivity, without clearly requiring a user preview or approval before persistence.
Silent Agent 静默整理 ... 长时间无交互(10分钟) ... 分级写入:按评分写入对应文件
Make Silent Agent behavior opt-in, disable inactivity-triggered writes by default, and show a preview or diff for user approval before saving.
Text submitted for scoring may be processed by an external API provider.
The skill discloses an optional external provider call for scoring memory importance, which is purpose-aligned but may send conversation text outside the local environment.
Kimi API 智能评分(推荐) ... Kimi API 会根据内容语义自动判断4个维度的分值
Avoid sending secrets or sensitive personal data to the scoring API, and confirm the provider’s privacy and retention terms before use.
Users may need to supply or obtain unreviewed scripts to follow the documented workflow.
The instructions reference helper scripts, but the reviewed package is instruction-only and does not include those script files, so their implementation is not reviewable here.
python scripts/evaluate_importance.py ... python scripts/silent_agent.py ... python scripts/update_index.py
Only run helper scripts from a trusted, reviewed source, and ensure any future package includes the scripts and lockfiles for review.