Skill v1.0.2

ClawScan security

Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 22, 2026, 3:37 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
This is an instruction-only local memory system that consistently documents creating and managing a ~/memory/ folder for long-term organized storage and does not request credentials, installs, or network access — its requirements and instructions align with its stated purpose.
Guidance
This skill is coherent and local-only, but before installing consider the following:
1. It will create and persist potentially sensitive text files in ~/memory/. Decide where you want them stored and whether to encrypt or back them up.
2. The agent may write entries immediately when users provide data, so confirm that behavior with end users before enabling it.
3. Syncing from built-in memory is one-way (MEMORY.md into ~/memory/) and must be explicitly enabled. Do not enable sync unless you want copies of MEMORY.md content placed in ~/memory/.
4. Because the agent can be invoked autonomously (the platform default), only enable the skill for agents you trust to create and manage files on your behalf.
5. Review and, if needed, remove ~/memory/ when you later want to revoke the data the skill has accumulated; uninstalling the skill does not delete the files it wrote.
6. If you have security policies about data-at-rest in user home directories, treat this skill like any other that writes persistent files and apply the usual controls: restrictive file permissions, encryption where required, and periodic audit of what has been written.
Findings
[regex-scanner-no-findings] expected: Scanner had no code files to analyze; this is an instruction-only skill so absence of findings is expected.

Review Dimensions

Purpose & Capability
ok · Name/description match the content: the skill is a file-based 'infinite' memory system. It only requires file I/O in the user's home directory (~/memory/) and does not ask for unrelated binaries, credentials, or services.
Instruction Scope
note · SKILL.md instructs the agent to create, read, move, index, and search Markdown files under ~/memory/ and optionally to read built-in memory (MEMORY.md) for one-way sync. These operations are consistent with the purpose, but the skill does instruct the agent to write to the user's home directory and to read workspace built-in memory when syncing. The user should therefore expect on-disk persistence of potentially sensitive data, and explicit consent should be obtained before syncing built-in memory.
Install Mechanism
ok · No install spec and no code files; instruction-only. This is lowest-risk from an installation perspective because nothing is downloaded or executed beyond normal shell commands, if the agent runs them.
Credentials
ok · No environment variables, credentials, or config paths are requested. The documented operations only use file paths under the user's home and optionally read the agent's built-in MEMORY.md when the user opts into sync, which is proportionate to the described functionality.
Persistence & Privilege
note · The skill persists data by writing files into ~/memory/ (intentional per spec). The always flag is false and autonomous invocation is allowed (platform default). This combination is reasonable for a memory skill, but it increases the blast radius if the agent is allowed to act autonomously: anything a user says to the agent may end up on disk without a further prompt. Users should ensure they trust the agent to create persistent files before enabling it.
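The guidance above (item 6) and the Persistence & Privilege note both come down to one practical control: treat ~/memory/ as sensitive data-at-rest, restrict it to the owning user, and be able to audit what the agent has written before deciding whether to keep or revoke it. The following POSIX shell functions are an added example written for this page; they are not part of the ClawHub scan output or of the Memory skill itself. The directory argument is a parameter so the functions can be exercised on a scratch directory; the real skill writes to ~/memory/.

```shell
#!/bin/sh
# Added example (not from the ClawHub scan or the Memory skill): lock down
# the folder an instruction-only memory skill writes to, and audit it.
# DIR is an assumed parameter; the skill itself uses ~/memory/.

# Create DIR owner-only (0700) and tighten everything inside:
# subdirectories (e.g. an index folder) to 0700, Markdown entries to 0600.
harden_memory_dir() {
    dir="$1"
    mkdir -p "$dir"
    chmod 700 "$dir"
    find "$dir" -type d -exec chmod 700 {} +
    find "$dir" -type f -exec chmod 600 {} +
}

# Return 0 if no path under DIR grants any permission bit to group or
# other; return 1 and list the offenders on stderr otherwise. This is the
# check to run after the agent has been allowed to write for a while.
check_memory_dir() {
    dir="$1"
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }
    # -perm /077 matches if ANY of the group/other rwx bits is set
    offenders=$(find "$dir" -perm /077)
    if [ -n "$offenders" ]; then
        printf 'group/other-accessible paths under %s:\n%s\n' "$dir" "$offenders" >&2
        return 1
    fi
    return 0
}

# Count the Markdown entries the agent has persisted, so you know the
# extent of what you would be deleting when revoking the skill's data.
count_memory_entries() {
    find "$1" -type f -name '*.md' | wc -l | tr -d ' '
}
```

Running check_memory_dir periodically (for example from a cron job or a login script) gives the audit hook the guidance asks for; harden_memory_dir is idempotent and safe to re-run after the agent has added new files.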