Skill v1.0.0
ClawScan security
Memory Garden - Validated Community Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 10:35 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally coherent: it manages a local mg-daemon, augments queries with locally-stored validated patterns, and only requires the mg-daemon binary and local filesystem access — no unrelated cloud credentials are requested.
- Guidance: This skill appears to do what it claims — run a local mg-daemon, augment queries with validated patterns, and optionally extract/sync patterns. Before installing:
  1) Verify the release binaries (download URL + SHA256 in SKILL.md) against the upstream GitHub release you trust.
  2) Be aware the skill will create ~/.memory-garden and generate an Ed25519 private key (identity.json, mode 0600) used for signing; protect and back up this file or override its location via MG_IDENTITY_DIR if needed.
  3) Extraction and P2P sync are opt-in (disabled by default) — do not enable MG_EXTRACTION_ENABLED or MG_SYNC_ENABLED unless you want the agent to extract conversation content or participate in networked syncing.
  4) If you prefer the skill not to augment queries automatically, disable search with MG_SEARCH_ENABLED=false.
  5) Inspect scripts/install.sh and mg-daemon upstream source if you need to audit what the native daemon binary does when run with --serve.
  Overall the required permissions and behavior are proportional to the stated purpose.
Review Dimensions
- Purpose & Capability (ok): Name/description match behavior: the skill runs a local 'mg-daemon', stores patterns under ~/.memory-garden, and provides search/extract/validate tools. The declared required binary (mg-daemon) and the code (daemon manager + MCP tool calls) are appropriate for a local-first memory service.
- Instruction Scope (note): SKILL.md and code explicitly start and manage a local daemon, perform health checks, read/write under ~/.memory-garden, and optionally enable P2P sync. This is within scope, but note: the skill will generate and persist an Ed25519 private key (identity.json) under ~/.memory-garden/identity by default; that private key is sensitive and is used for signing P2P attestations. Also the runtime references additional env vars (MG_IDENTITY_DIR, MG_DATA_DIR) in code/docstrings that are not enumerated in the registry metadata — they are optional but affect where files are stored.
- Install Mechanism (ok): No installation spec is required by the registry entry, but SKILL.md metadata includes download entries pointing to GitHub releases for macOS and Linux with SHA256 sums — a well-known release host. Downloads are expected and reasonable for a native daemon binary. No arbitrary paste sites or IP URLs are used.
- Credentials (note): The skill does not request unrelated cloud credentials. It reads configuration via MG_* env vars (MG_DAEMON_URL, MG_EXTRACTION_ENABLED, MG_EXTRACTION_CONFIRM, MG_SYNC_ENABLED, MG_SEARCH_LIMIT) documented in SKILL.md. The code also recognizes MG_IDENTITY_DIR and refers to MG_DATA_DIR in error messaging (these are optional). It generates and stores a private key locally (sensitive) — required for P2P signing, so justified, but the user should treat that artifact as a secret.
- Persistence & Privilege (ok): always:false (not force-included) and disable-model-invocation:false (normal). The skill will autonomously run beforeQuery/afterResponse hooks when invoked and may start a detached daemon process and write files to ~/.memory-garden. This level of persistence is expected for a local daemon skill; there is no indication it modifies other skills or system-wide agent settings.
