Auto Drive
ReviewAudited by ClawScan on May 1, 2026.
Overview
The skill does what it says—upload/download Auto-Drive files and maintain a permanent memory chain—but users should understand that stored data and recalled memories may be long-lived and sensitive.
This skill appears coherent and purpose-aligned. Before installing, be comfortable with giving it an Auto-Drive API key and with the fact that uploaded files or memory entries are intended to be permanent. Do not use it to store secrets, private documents, or unreviewed memory chains unless you are comfortable with long-term persistence and later reuse by the agent.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user or agent selects a private file, it may be uploaded to decentralized storage and become difficult or impossible to remove.
The script uploads a user-specified local file to the external Auto-Drive service. This is the core purpose of the skill and is disclosed, but users should recognize that arbitrary selected files can be transmitted to permanent storage.
curl ... -X POST "$AD_API_BASE/uploads/file/$UPLOAD_ID/chunk" ... -F "file=@$FILE_PATH"
Only upload files or memory content that you are comfortable storing permanently; ask for explicit confirmation before uploading sensitive files.
Anyone who can read the local OpenClaw config or .env file may be able to use the user's Auto-Drive API key.
The setup helper saves the Auto-Drive API key into local OpenClaw configuration and .env files. This is disclosed and uses chmod 600, but it is still credential handling.
echo "AUTO_DRIVE_API_KEY='${safe_key}'" >> "$AD_ENV_FILE"Protect the OpenClaw configuration directory, rotate the API key if it may have been exposed, and avoid sharing logs or terminal output containing the key.
A recalled memory chain could reintroduce sensitive information or influence the agent with stale or malicious content if an untrusted CID is used.
The skill is intentionally designed to restore agent context from persisted memory entries. This is core functionality, but recalled content may include old, sensitive, or untrusted instructions/data.
Resurrect from a chain — given the latest CID, walk the chain backwards to reconstruct full agent history.
Treat recalled memories as untrusted context, review the source CID, and avoid storing secrets or instructions that should not persist across sessions.
Users have less external provenance information to verify who maintains the skill or where updates come from.
The registry metadata does not provide a source repository or homepage, which limits provenance checks even though the included artifacts are readable and coherent.
Source: unknown; Homepage: none
Review the included scripts before installing and prefer skills with clear source and maintainer information when handling credentials or persistent data.