Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using it.
Memory Module
v1.0.4
Low-level memory infrastructure for agents, providing perceptual memory, short-term semantic buckets (insight-driven topic clustering plus a cross-layer association index), long-term memory in 8 categories (including reflection memory), six-dimensional quality context reconstruction, a transcendent insight pool, chain-of-reasoning enhancement, privacy configuration and data encryption. Use it when a user needs to build agent memory capabilities, manage conversation context, implement long-term memory persistence, integrate LangGraph state management, or strengthen chain-of-reasoning reflection; as a meta-sk...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw verdict: Suspicious (medium confidence)
Purpose & Capability
The name and description match the included modules: perception, short_term, long_term, encryption, credential manager, context reconstructor, chain reasoning, etc. That alignment suggests the code implements the claimed memory infrastructure. However, the skill exposes a full credential manager and key management surface that goes well beyond simple 'context handling': it stores arbitrary secrets, generates a master key file, and can export the master key. That is sensitive functionality and should come with explicit justification and declared environment/config requirements.
Instruction Scope
SKILL.md instructs the agent to create local storage paths, persist keys/credentials, and to subscribe/sync state (LangGraph integration) and persist reflection results. The instructions direct read/write of filesystem paths (./memory_data, ./state_storage, credentials file and .master_key) and examples show storing real tokens (e.g., github_token). The SKILL.md does not explicitly declare some environment/config items the code will read (see environment_proportionality). The instructions therefore reach outside a minimal 'memory helper' scope into persistent secret storage and system-state capture.
Install Mechanism
There is no external download/install script in the spec (instruction-only), and all code is included in the bundle. No remote URLs or extract steps are present in the install spec. That reduces supply-chain risk compared to arbitrary downloads.
Credentials
The skill declares no required environment variables in metadata, but the code looks for an environment-sourced master key (MEMORY_MASTER_KEY) and encryption key-loading methods. The credential manager will auto-generate and persist a master key file if none is provided. Requesting storage of arbitrary credentials (and providing export_master_key) without declaring credential/environment requirements is disproportionate and increases risk of accidental secret persistence or exfiltration if combined with other code.
Persistence & Privilege
always: true is set and SKILL.md explicitly says 'meta-skill, forced to run resident' (in the original: '元技能,强制常驻运行'). A forced resident skill that also handles arbitrary credential storage and state capture has a larger blast radius. While memory infrastructure may plausibly need persistence, the combination of always-on residency, secret storage, and the ability to subscribe to and sync state means this skill should be installed only with explicit trust and review.
What to consider before installing
Before installing:
(1) Review the full source (including omitted files) for any network calls or callbacks. The manifest shows many modules; hidden remote endpoints would be a major risk.
(2) Treat the credential manager as a sensitive subsystem: do not store high-value secrets here unless you control the host and have audited the code. Prefer injecting a master key from a secure KMS via environment variable rather than letting the skill auto-generate .master_key.
(3) Because the skill is always: true, consider disabling forced residency or restricting it to an isolated agent environment.
(4) Verify there are no undeclared environment variables or external callbacks (LangGraph subscriptions may call user-provided callbacks).
(5) Run static and dependency scans (pip audit) for cryptography/pydantic issues and test in a sandbox before granting real data or tokens.

Flagged pattern at SKILL.md:1: Skill is configured with always=true (persistent invocation).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.
