Skill v1.5.0
ClawScan security
Failure Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 24, 2026, 12:47 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared purpose (detecting and recording failures to a local .learnings/ workspace) matches what it requests and instructs, and it does not ask for external credentials or install arbitrary code.
- Guidance: This skill appears coherent and low-risk: it records and searches failure observations locally in .learnings/ and does not ask for credentials or download code. Before installing, do these checks:
  1) Inspect the two config files (.openclaw/failure-memory.yaml and .claude/failure-memory.yaml) to confirm they don't reference unrelated secrets or remote endpoints.
  2) Confirm what inputs your agent will provide as 'tool output' or 'CI/CD output' so the skill doesn't receive logs that include secrets.
  3) If you plan to install the optional dependency (leegitw/context-verifier), review that package's source before installing.
  4) Decide whether you want the agent to be allowed to invoke the skill autonomously (default); autonomous invocation can change agent behavior by applying learned constraints.
  If you want, run the skill first manually (/fm ...) and review stored .learnings/ entries to ensure the behavior matches expectations.
Review Dimensions
- Purpose & Capability: ok. The skill claims to detect failures, record observations, search local memories, and promote patterns into constraints; the SKILL.md shows it writes and searches under the workspace (.learnings/) and declares config files (.openclaw/failure-memory.yaml and .claude/failure-memory.yaml). There are no unrelated environment variables, binaries, or opaque install requirements that would be disproportionate to a local failure-memory utility.
- Instruction Scope: note. Instructions operate on agent-provided context (tool outputs, user messages, CI output) and store results in .learnings/; that is consistent with the stated scope. The SKILL.md does not instruct reading unrelated system credentials or external locations, but triggers referencing 'CI/CD output' or 'database migration failed' imply the agent may examine logs or outputs that must be made available by the orchestrator; ensure those inputs do not include unrelated secrets. The file was truncated in the provided listing, so confirm there are no additional instructions that read/ship secret files.
- Install Mechanism: ok. This is an instruction-only skill (no install spec, no code files). That is the lowest-risk install model. The README mentions a dependency (leegitw/context-verifier) and an example 'openclaw install' command, but no automatic download/install steps are present in the package itself; the dependency reference is informational and not an enforced installer action.
- Credentials: note. The skill does not request environment variables or credentials. It does require two config paths (.openclaw/failure-memory.yaml and .claude/failure-memory.yaml) and declares workspace dirs (.learnings/). These config paths are plausible for storing per-skill settings, but you should inspect those YAMLs before use to ensure they don't reference or load other sensitive credentials or tokens (particularly any .claude/ files that could belong to other tooling).
- Persistence & Privilege: ok. 'always' is false and the skill is user-invocable; it does not request permanent system-wide presence. The skill will write to its own workspace directory (.learnings/) and use its own config files. The agent-default ability for autonomous invocation is present (disable-model-invocation is false); this is normal but you should be aware the agent could invoke the skill when failures are detected.
