ClawHub
Back to skill
v0.1.0

Agent Memory Persistence

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:38 AM.

Analysis

The skill matches its stated purpose as a local SQLite-backed memory library, with the main consideration being that it intentionally stores agent memories across sessions.

GuidanceThis appears safe for its stated purpose. Before installing, decide what kinds of information the agent may store, choose an appropriate local database path, avoid storing secrets unless you have a retention plan, and use expiration or deletion APIs to manage long-term memory.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceMediumStatusNote
package.json
"dependencies": { "better-sqlite3": "^11.10.0" }

The package uses an npm dependency version range, so an installation may resolve to a newer compatible dependency version rather than an exact reviewed version.

User impactThe installed dependency version may differ from the version implicitly reviewed here, which can matter for production or sensitive deployments.
RecommendationInstall from a trusted source, use a lockfile or pinned dependency versions for production, and review dependency updates before deployment.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Use this skill when an agent needs durable memory storage across sessions.

The skill is explicitly designed to preserve agent memory beyond a single session, which can include user content, metadata, and embeddings that may influence future agent behavior.

User impactInformation stored as memory may remain available in later sessions and could include sensitive details or incorrect memories unless deleted or expired.
RecommendationStore only appropriate data, scope memories by user and session, use expiresAt/delete/cleanupExpired for retention control, and avoid relying on stored memories for high-impact decisions without review.