Back to skill
Skillv1.0.0
ClawScan security
Agent Memory Temp · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 13, 2026, 9:42 AM
- Verdict
- Benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, README, and runtime instructions are consistent with a local persistent memory for agents; it stores data in a local SQLite DB and does not request credentials or perform network exfiltration, but users should be aware it persistently stores conversation data in their home directory.
- Guidance
- This skill appears to do what it says: a local SQLite-backed memory for agents. Before installing, consider: (1) Privacy — it will persist conversation content and other facts to ~/.agent-memory/memory.db by default; ensure you are comfortable storing that data locally and set appropriate file permissions or use a custom db_path (or :memory: for ephemeral use). (2) Review the code if you have strict security policies — the implementation appears to be pure Python/stdlib and contains no network calls or credential access, but reading the source is quick and recommended. (3) FTS5: the code uses SQLite FTS5 (virtual table); on some systems the Python sqlite3 build may lack FTS5 support — test in a safe environment. (4) Note the minor naming mismatch: documentation uses 'agent-memory' while this registry item is 'agent-memory-temp' — ensure you install the correct package/version. If you need encrypted storage, use an encrypted filesystem or modify the code to add encryption at rest before storing sensitive content.
Review Dimensions
- Purpose & Capability
- noteThe name, description, SKILL.md, README, CLI wrappers, tests, and src/memory.py all implement a local persistent memory system (facts, lessons, entities, export). There are no unrelated env vars or external services requested. Minor inconsistency: SKILL.md and README use the install command 'clawdhub install agent-memory' while the registry entry here is 'agent-memory-temp' (naming mismatch) — this is likely benign but could confuse installers.
- Instruction Scope
- noteRuntime instructions and code operate locally (SQLite DB at ~/.agent-memory/memory.db by default) and the SKILL.md describes how to integrate the memory into agent lifecycle hooks. The instructions and code can store arbitrary conversation content and other facts persistently — this is expected for a memory skill but is a privacy consideration. There are no instructions to read arbitrary system files, access other credentials, call external endpoints, or run shell commands beyond normal Python usage.
- Install Mechanism
- okNo install spec is provided (instruction-only install or manual copy of src/memory.py), and the package claims zero external dependencies (uses Python stdlib sqlite3/json/etc.). Code files are bundled with the skill; nothing downloads or extracts arbitrary code at install time.
- Credentials
- okThe skill requests no environment variables, no credentials, and no config paths beyond a local SQLite DB (default ~/.agent-memory/memory.db). The level of access requested is proportional to a local memory capability.
- Persistence & Privilege
- noteThe skill persists user data in a local database (by default in the user's home directory). always:false and no special platform privileges are requested, but persistent storage of conversation content increases privacy risk — users should treat stored memories as sensitive data and manage file permissions, backups, and deletion accordingly. The skill does not attempt to modify other skills' configs.