Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
ClawMem
v0.2.4Bootstrap, repair, and verify the ClawMem OpenClaw plugin. Use when ClawMem is not yet installed, not selected as the active memory plugin, missing per-agent...
⭐ 0· 214·0 current·0 all-time
byIan@ianthereal
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md content is consistent with a bootstrap/repair utility for a memory plugin (it calls openclaw to install/enable the plugin, checks plugin slots, and verifies per-agent provisioning). However, the skill metadata declares no required binaries or env vars while the document clearly expects tools like openclaw, python3, gh (or curl + jq), and optional OPENCLAW_AGENT_ID. That mismatch is an omission in declared requirements.
Instruction Scope
The instructions explicitly read the OpenClaw configuration file and per-agent plugin entries, extract tokens and repo names, print shell export lines, and run GH/curl calls using those tokens. Those actions are necessary for verifying provisioning, but they involve accessing potentially sensitive configuration and token data. The instructions also suggest restarting the gateway — an action that may interrupt service and should be done with caution.
Install Mechanism
This is an instruction-only skill with no install spec or code files; nothing is written by the skill itself. The install actions in the document are commands the operator is expected to run (openclaw plugins install ...). Not having an install spec reduces the skill's direct attack surface, but it also means the document relies on external binaries whose provenance you must verify.
Credentials
Although the registry lists no required environment variables, the runtime steps reference OPENCLAW_AGENT_ID and produce CLAWMEM_* exports from stored plugin config values (baseUrl, repo, token). The playbook reads secrets (tokens) from local config and uses them to query an API; this is proportionate to provisioning verification but is sensitive and should be explicitly declared and reviewed before automated execution.
Persistence & Privilege
The skill is not marked always:true and does not request modifying other skills or system-wide agent settings beyond telling the operator to set the plugin slot and restart the gateway. It relies on the operator running commands; it does not itself persist code or credentials on disk.
What to consider before installing
This SKILL.md mostly does what it claims (install/verify a ClawMem plugin), but it asks you to read and export plugin tokens and to run commands that will use those tokens. Before running: 1) verify the source of the @clawmem-ai/clawmem package (review its repository or release host); 2) ensure the required tools (openclaw, python3, gh or curl, jq) are present and come from trusted installs; 3) inspect your openclaw config file yourself (openclaw config file) to see what tokens would be read or exported; 4) avoid running the exports/automation blindly — run the verification steps manually the first time; 5) if you plan to let an agent invoke this skill autonomously, be aware it will be reading local plugin configuration and could access tokens — only allow autonomous runs if you fully trust the skill and its source. If you want a cleaner safety profile, ask the skill author to declare required binaries/env vars and explain where tokens are stored and why each read is necessary.Like a lobster shell, security has layers — review code before you run it.
latestvk973h3k885817ftggcshsy88an83pz54
License
MIT-0
Free to use, modify, and redistribute. No attribution required.