memory-orchestrator
ReviewAudited by ClawScan on May 10, 2026.
Overview
This local memory skill is mostly purpose-aligned, but its memory-card creation commands can write outside the intended memory folder if given unsafe names.
Install only if you are comfortable with a local memory folder that stores selected conversation details. Until the slug handling is fixed, avoid slugs containing '/', '..', or absolute paths, and review any agent-generated new-topic or new-object commands before running them.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent invokes this command with an unsafe slug, it could create a YAML file outside the intended memory folder.
The agent/user supplied slug is directly used to construct a file path, with no validation or containment check to keep writes inside memory/topics/.
ap.add_argument('--slug', required=True) ... path = TOPICS_DIR / f'{args.slug}.yaml' ... path.write_text(dump_yaml(blob), encoding='utf-8')Restrict slugs to safe kebab-case identifiers, reject path separators and absolute paths, resolve the final path, and verify it remains under TOPICS_DIR before writing.
A malformed object slug could cause the skill to create a new file outside memory/objects/.
The object slug is also used directly in a write path; with absolute paths or '../' segments, the write may escape the intended object-type directory.
ap.add_argument('--slug', required=True) ... path = os.path.join(target_dir, f'{args.slug}.yaml') ... with open(path, 'w', encoding='utf-8')Apply the same path-safety checks to object creation: normalize the slug, reject traversal characters, and enforce that the resolved path is under the selected object directory.
Sensitive, incorrect, or instruction-like content that is remembered may remain in local files and influence later answers.
The core design stores selected user messages, preferences, decisions, and facts as persistent memory for later recall.
Before composing the answer, extract memory-worthy events ... Write them immediately to: memory/session-state.yaml; memory/daily/YYYY-MM-DD.md
Inspect and prune the memory/ directory regularly, avoid storing secrets, and treat recalled memory as user context rather than authoritative instructions.