X1 Vault Memory

This skill is designed for encrypted, decentralized backup and restore of OpenClaw agent memory. It uses strong cryptographic practices (AES-256-GCM, PBKDF2) and includes critical security mitigations such as `validateCID` for all Content Identifiers (CIDs) before network requests (SSRF prevention) and before executing child processes (`execFileSync` in `heartbeat.js`, preventing shell injection). It also implements SHA-256 checksum verification for data integrity during restore. All external communications (Pinata, X1 RPC) and local file system access are aligned with the stated purpose. Persistence mechanisms (cron jobs) are opt-in and clearly documented. There is no evidence of intentional malicious behavior like unauthorized data exfiltration, backdoors, or stealthy operations. The skill explicitly warns users about handling sensitive `wallet.json` and `PINATA_JWT` credentials securely.