Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
reflect
v2.56.0
Session retrospective and skill audit. Use when asked to reflect, do a retrospective, review lessons learned, audit what went well or wrong, or review sessio...
⭐ 0 · 117 · 0 current · 0 all-time
by Ilia Alshanetsky (@iliaal)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name/description ('reflect' / session retrospective) align with the SKILL.md: scanning the conversation, listing mistakes, improvements, and auditing skills is coherent. However, the instructions require writing persistent memory files under ~/.claude/projects/<project-slug>/memory/, but the skill metadata declares no required config paths; that mismatch should be explained or corrected.
Instruction Scope
The SKILL.md instructs the agent to 'scan the full conversation' and to save approved items to persistent memory using a Write tool. Scanning the session is appropriate for retrospection, but saving to disk can capture sensitive data. The doc does not specify sanitization, redaction, or explicit confirmation flows for saving (it asks which items to remember, but also gives a direct save path and file format guidance). This grants the skill discretion to persist conversation content and metadata without clear safeguards.
Install Mechanism
Instruction-only skill with no install spec and no downloaded code. This is low-risk in terms of executable installs or remote code fetch.
Credentials
The skill requires no environment variables or credentials, which is appropriate. That said, it expects filesystem write capability (Write tool) and a specific home-path layout — the metadata did not declare those config paths, so the level of access implied by the instructions is not declared.
Persistence & Privilege
Although 'always' is false, the skill's instructions explicitly direct writing to a persistent memory path under the user's home. The skill metadata did not list required config paths or explicitly note that it will write to disk. This is a privilege/persistence mismatch: the skill can persist data but metadata doesn't reflect that requirement or ask for explicit permission policies or sanitization rules.
What to consider before installing
Before installing or enabling this skill:
1) Confirm whether the agent platform's Write tool will prompt for explicit user approval before writing files; if it can write silently, treat this as high-risk for sensitive data.
2) Ask the skill author to update metadata to declare the required config path(s) (the ~/.claude/projects/... memory directory) and to document when and how data is persisted.
3) Request that the skill include explicit sanitization/redaction rules and an explicit approval step before any conversation content is saved.
4) Test the skill in a non-sensitive session to verify it only writes memory after you explicitly approve items, and inspect what exactly it writes.
5) If you store sensitive secrets or private data in chats, avoid enabling automatic persistence until you verify safe handling (encryption, access control, and ability to delete saved memory).
Like a lobster shell, security has layers — review code before you run it.
latest: vk976n4rn3rg7z61ek6n3zy01y184v1ff
