Lily Memory 5.0.0

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill

Name: lily-memory-5-0-0

Version: 1.0.0

The OpenClaw Lily Memory plugin is classified as benign. The code demonstrates strong security awareness, particularly in its handling of shell and SQL injection risks. The `lib/sqlite.js` module uses `execSync` to interact with the `sqlite3` CLI, which is a common pattern but inherently risky. However, the `escapeSqlValue` function and the shell escaping logic within `sqliteQuery` and `sqliteExec` appear robust, and the `CHANGELOG.md` explicitly highlights 'SQL sanitization' as a key security improvement. Furthermore, the `test/docker-smoke.mjs` and `test/smoke.mjs` files include explicit SQL injection safety tests, confirming developer intent to prevent such vulnerabilities.

Prompt injection against the AI agent is present in `lib/recall.js` and `lib/stuck-detection.js`, but it is used for beneficial purposes like injecting memory context and self-correction nudges, not for malicious subversion or data exfiltration. No evidence of credential theft, unauthorized network activity (Ollama is local-only), persistence mechanisms beyond its stated memory function, or obfuscation was found.