Skill v7.0.0
ClawScan security
Reminiscence-追忆 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 9, 2026, 12:37 PM
- Verdict: Benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are internally consistent with a local, filesystem-only memory search tool; no network calls or unrelated credentials are requested, but it does persist indexed copies of your memory files to disk, so review before use.
- Guidance: This skill appears to do what it says: local BM25-style search over your memory markdown files, implemented in a pure-Python script with no network behavior or external credentials. Before installing: (1) inspect the full search.py file yourself (and any truncated sections) to confirm there are truly no network calls or unexpected behavior; (2) review the files under ~/.openclaw/workspace (MEMORY.md and memory/*.md) for sensitive information because the skill will read them and store an index (~/.openclaw/memory_bm25_index.json); (3) if you want to limit exposure, run the script on a copy or restrict MEMORY_PATHS to a curated directory; (4) remove the index/cache files if you uninstall the skill or after testing. Confidence is medium because a portion of the source shown was truncated — verify the remainder before trusting it fully.
Review Dimensions
- Purpose & Capability (ok): Name/description (local BM25-based memory search) match the files and runtime behavior: the script reads markdown memory files under ~/.openclaw/workspace, builds a local JSON index, and performs BM25 + multi-signal reranking. No unrelated credentials, binaries, or services are requested.
- Instruction Scope (note): SKILL.md directs the agent to run the included Python script and to read/write index files under ~/.openclaw. That is appropriate for a local memory search skill. Note: the skill will read any files matching the configured MEMORY_PATHS (default ~/.openclaw/workspace/MEMORY.md and ~/.openclaw/workspace/memory/*.md), so it has access to all data in those paths — which is expected but could expose sensitive local content via search results.
- Install Mechanism (ok): No install spec; this is instruction + inline script only. No downloads or external packages are pulled — the script claims to use only Python stdlib and included code appears to implement that.
- Credentials (ok): The skill requests no environment variables, no external API keys, and no unrelated configuration paths. The declared scope (workspace memory files and local index/cache) is proportional to its stated functionality.
- Persistence & Privilege (note): always:false and normal invocation. The script creates/reads persistent files in the user home: ~/.openclaw/memory_bm25_index.json and a token/cache path (~/.openclaw/memory_bm25_token_cache.json). These files store derived copies/indices of your memory files and will persist on disk until removed — consider this when handling sensitive content.
