Skillv1.0.2

ClawScan security

memori-extension · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 2, 2026, 7:08 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code, instructions, and optional environment variables are consistent with its stated purpose: local memory augmentation and optional external augmentation via Zhipu only when an API key is provided.
Guidance: This skill appears coherent, but follow these precautions before enabling external features: 1) Test in local-only mode by leaving ZHIPUAI_API_KEY unset—this keeps all work on your machine. 2) Review the Memori and zhipuai packages (origin, maintainers) before pip installing. 3) If you do supply ZHIPUAI_API_KEY, understand that full conversation text (including system prompts and assistant responses) may be transmitted to Zhipu's servers. 4) Protect the local database and tech_terms file with appropriate file permissions and backups; the skill can append terms to the configured file. 5) If you need higher assurance, run the skill in a sandbox environment and inspect traffic to confirm only intended API calls occur.

Review Dimensions

Purpose & Capability: okName/description match the implementation: the bundle wraps the Memori Python library for local memory operations and exposes an optional Zhipu client that is only activated when ZHIPUAI_API_KEY is set. Required binaries (python3) and the declared Python dependency (memori) are appropriate.
Instruction Scope: okSKILL.md and the code explicitly describe file reads/writes (local SQLite DB and optional tech terms file) and clearly document that conversation text is sent to Zhipu only if the ZHIPUAI_API_KEY env var is provided. The code also persists added tech terms when persist=True. There are no instructions to read unrelated system files or to exfiltrate secrets beyond the controlled Zhipu API call.
Install Mechanism: okThis is an instruction-only skill with included Python wrapper code; installation is via pip for memori (and optionally zhipuai). No downloads from untrusted URLs or extract/install steps are present in the manifest.
Credentials: okNo required credentials are declared. The only sensitive environment variable is ZHIPUAI_API_KEY (optional) which directly maps to the optional external augmentation feature. Other environment variables control local file paths and terms and are proportionate to the functionality.
Persistence & Privilege: okThe skill does not request always:true or other elevated persistence. It reads/writes its own local DB and optional config file; it does not modify other skills or global agent configuration.