Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

PV_35

v3.0.0

Emergency stop, risk blocking

by XU NING (@jkzfhq)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill claims to be an 'emergency brake / risk blocker' but the SKILL.md focuses heavily on a persistent memory subsystem that auto-stores user preferences and decisions. Persistent long-term memory/storage is not obviously required for an emergency stop capability, so this is disproportionate to the stated purpose.
! Instruction Scope
The runtime instructions include executable Python snippets that create a directory in the user's home, read/write a memories.json file, and provide examples of automatic calls (store_memory/search_memories/get_context). These instructions grant the agent discretion to persist and read arbitrary user-provided content across sessions. The skill text also suggests the memory functions will be '自动调用' (automatically invoked), which is vague and broad.
Install Mechanism
There is no install spec and no code files beyond SKILL.md, so nothing is written to disk by an installer. The risk comes from the provided runtime instructions rather than an install mechanism.
! Credentials
Metadata declares no required config paths or env vars, but SKILL.md explicitly uses a path under the user's home (~/.openclaw/pv_palace/memories.json). That filesystem access is not documented in the manifest, and the skill can store arbitrary content (which may include sensitive data) without requesting or documenting credentials/consent.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable, but it instructs the agent to maintain persistent local memory across sessions. Persisting user decisions/preferences locally is a meaningful privilege; it's acceptable in principle but should be explicit in the metadata and require user consent/configuration (e.g., encryption, retention policy).
What to consider before installing
This skill contains an embedded persistent-memory system that will create and modify ~/.openclaw/pv_palace/memories.json and claims these memory functions are 'automatically' invoked. Before installing or enabling it:
1) Confirm you want automatic local persistence of preferences/decisions (may include sensitive info).
2) Ask the author how data is selected for storage, retention period, and whether it is encrypted.
3) Consider running the skill in a sandbox or with HOME redirected to a disposable folder to inspect what gets written.
4) If you proceed, restrict file permissions on the PV palace folder and periodically audit or delete memories.json.
5) If you do not want persistent storage or automatic invocation, do not install or request a version without the auto-memory behavior.
The metadata does not declare the filesystem access — treat that as a red flag and get clarification before proceeding.
