Auto Memory Curation

Security checks across malware telemetry and agentic risk

Overview

This skill is meant to build memory automatically, but it silently stores selected information from every message into persistent files without per-message approval or clear retention limits.

Install this only if you are comfortable with automatic memory creation from your chats. Avoid using it during sensitive conversations, periodically inspect the generated memory files, and make sure there is a reliable way to delete or correct saved memories.

VirusTotal

64/64 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI06: Memory and Context Poisoning
Medium
What this means

Personal details, preferences, goals, project information, and commitments could be saved and reused later even when the user did not explicitly say to remember them.

Why it was flagged

The skill automatically persists selected conversation content into memory files, making private or incorrect information available for future context without per-message confirmation or clear retention controls.

Skill content

Silently analyze every message for important information and store it appropriately... Runs on every message (silently)... Use append mode (never overwrite)

Recommendation

Use only if you want automatic memory capture. Review the memory files regularly, add explicit exclusions and retention/deletion rules, and disable it during sensitive conversations.

ASI10: Rogue Agents
Low
What this means

The agent may perform memory curation alongside ordinary conversations, which can be surprising if the user expects skills to run only when requested.

Why it was flagged

The skill is designed to operate passively rather than only when directly invoked. This is disclosed and aligned with its purpose, but users should notice the always-on behavior.

Skill content

Runs on every message (silently) - No user activation needed

Recommendation

Confirm that passive operation is desired, and provide clear enable/disable controls before relying on this skill.