Back to skill
Skillv1.0.0
VirusTotal security
OpenClaw Advanced Memory · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:56 AM
- Hash
- 8407d2ae87b91df7e09789b6383e5ca843cf70580ab72e503bbfaea0455ce173
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: openclaw-advanced-memory Version: 1.0.0 The skill installs persistence mechanisms (systemd service and cron jobs) via `scripts/install.sh`, which is a high-risk capability, even though it is documented and necessary for the skill's stated purpose. It processes sensitive agent conversation transcripts from `~/.openclaw/agents/spark/sessions` using `scripts/mem_capture.py`. Furthermore, `scripts/mem_curate.py` feeds these transcripts to a local LLM for curation, introducing a prompt injection vulnerability, despite mitigation attempts in `scripts/curator_prompt.md`. While there is no evidence of intentional malicious behavior or data exfiltration, these combined high-risk capabilities and the inherent LLM vulnerability warrant a 'suspicious' classification.
- External report
- View on VirusTotal