Skillv1.0.0

ClawScan security

Auto Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignApr 2, 2026, 12:34 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code, scripts, and required environment match its stated purpose (permanent memory storage on the Autonomys Auto Drive) and do not request unrelated credentials or perform unexpected network calls.
Guidance: This skill is internally consistent with its claimed purpose, but consider the following before installing: - The AUTO_DRIVE_API_KEY you provide will be saved to ~/.openclaw/openclaw.json and ~/.openclaw/.env (file permissions are set to 600) — treat that key like any other secret. - Data uploaded through this skill is meant to be permanent and immutable on the Autonomys DSN. Do not upload sensitive personal data or secrets you may later want removed. - The skill communicates only with Autonomys/Auto Drive endpoints (mainnet.auto-drive.autonomys.xyz, public.auto-drive.autonomys.xyz, gateway.autonomys.xyz, ai3.storage). Verify you trust that service and its privacy/retention policies. - The scripts attempt to constrain filesystem writes to the user home/workspace and validate inputs, but review the files yourself if you have stricter security requirements. - Because the skill can be invoked by the agent (normal platform default), consider whether you want the agent to autonomously save data permanently; if not, limit invocation scope or require explicit user confirmation before saving.

Purpose & Capability: okName/description, required env var (AUTO_DRIVE_API_KEY), declared binaries (curl, jq, file), the API endpoints in the references, and the provided upload/download/save/recall scripts are coherent with a storage/memory-chain skill.
Instruction Scope: okSKILL.md and the scripts instruct the agent to upload/download CIDs, manage a local state file, update a MEMORY.md, and save the API key to the OpenClaw config. The scripts restrict file writes to user home/workspace and validate inputs (CID format, path traversal checks). They only communicate with Autonomys/Auto Drive endpoints documented in the references.
Install Mechanism: okInstall spec only suggests installing standard CLI tools via Homebrew (curl, jq, file). No downloads from arbitrary URLs or execution of fetched code are present; the code files are included with the skill.
Credentials: okOnly one primary credential (AUTO_DRIVE_API_KEY) is required and used exclusively to authenticate to the Auto Drive API. Other environment/config knobs (AGENT_NAME, OPENCLAW_WORKSPACE) are local and used legitimately. The skill saves the API key to ~/.openclaw/openclaw.json and ~/.openclaw/.env — this is expected but worth noting.
Persistence & Privilege: okThe skill does not set always: true. It writes configuration and state to its own OpenClaw config and workspace (expected behavior). It does not modify other skills or global system settings beyond its own config files.