OpenCortex
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
OpenCortex can keep running scheduled memory-maintenance tasks without you manually invoking it each time.
The skill intentionally creates autonomous scheduled agent sessions. This is disclosed and matches the self-improving memory purpose, but it means the agent will continue performing maintenance after installation.
Two cron jobs, both running as isolated OpenClaw agent sessions scoped to the workspace
Install only if you want persistent scheduled memory jobs, and keep the documented cron deletion/disable steps handy.
Personal details, preferences, contacts, and work context may be retained and reused by future agent sessions.
The daily maintenance instructions persist user, contact, preference, and communication information into files that can influence later sessions. This is core to the skill, but it increases the importance of reviewing stored memory.
Distill ALL useful information into the right file ... Contacts mentioned → memory/contacts/ ... Preferences stated → memory/preferences.md ... User info and communication style → USER.md
Periodically review the memory files, especially USER.md, memory/preferences.md, memory/contacts/, and archived logs, and remove information you do not want retained.
A bad summary or reorganization could make future agent sessions rely on incorrect or misplaced memory.
Weekly synthesis can automatically restructure memory across multiple files. This is purpose-aligned, but mistakes in interpretation could propagate into future memory retrieval.
Fix automatically — for issues within the agent's control: split oversized files into focused sub-files, move misplaced content to the correct file ... consolidate scattered duplicates, update MEMORY.md index
Review weekly summaries and important memory-file changes, especially after large or sensitive projects.
If you enable the vault, the skill may rely on a passphrase from an environment variable, system keyring, or optional local file.
The skill supports an encrypted vault and optional passphrase handling. This is expected for its secret-storage feature, but it involves sensitive credential material.
OPENCORTEX_VAULT_PASS ... Vault passphrase via env var. Prefer system keyring ... .vault/.passphrase
Prefer the system keyring, avoid file-based passphrases unless necessary, and keep .vault/ and .secrets-map out of version control.
Using the --push option can upload memory/workspace history to your git remote, including non-secret personal or project context that scrubbing may not remove.
The backup helper can push a scrubbed commit to the configured git remote when explicitly run with --push. The feature is disclosed as off by default, but it can publish workspace contents if enabled.
if [ "$PUSH" = "--push" ]; then git push --quiet 2>/dev/null echo "✅ Pushed to remote."
Use local backup by default; only enable --push for trusted private remotes after reviewing .gitignore and .secrets-map.
A user might overlook that git push is still a possible network operation if explicitly enabled.
This reassuring statement is mostly aimed at telemetry/phone-home behavior, but the same artifacts also document optional git push. The optional network path is disclosed, so this is an ambiguity rather than evidence of deception.
OpenCortex contains zero network operations — no telemetry, no phone-home, no external endpoints.
Treat the no-network claim as applying to default setup/telemetry, and separately review any git backup or push configuration.