Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Marrow
v1.0.0
Persistent agent memory for OpenClaw. Surface past failures, log decisions, and compound intelligence across sessions. Use when an agent should enforce Marro...
⭐ 0· 35·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious, medium confidence
Purpose & Capability
Name/description and required credential (MARROW_API_KEY) align: a persistent memory service legitimately needs an API key. No unrelated binaries, config paths, or extra credentials are requested.
Instruction Scope
SKILL.md forces the agent to call Marrow before/after every 'meaningful' action and to make other lifecycle calls. While redaction rules are documented, logging is mandatory and the instructions give the agent broad discretion about what to log. Because the skill is instruction-only, redaction/enforcement depends entirely on correct agent behavior — increasing risk of accidental leakage of sensitive context (files, API payloads, config, etc.).
Install Mechanism
No install spec or downloaded code is present (instruction-only). This minimizes filesystem/remote-install risk.
Credentials
Only MARROW_API_KEY is required, which is proportionate to the service. However, that single key likely grants the external Marrow service read/write access to all logged memories; combined with mandatory, frequent logging this can surface broad contextual data even though only one env var is requested.
Persistence & Privilege
always is false and the skill does not request system-wide configuration or other skills' credentials. Autonomous invocation is allowed (platform default) but not escalated by this skill.
What to consider before installing
This skill appears to do what it says (agent memory) but it mandates frequent logging to an external service and leaves redaction up to the agent. Before installing:
1) Confirm you trust getmarrow.ai and review their privacy, retention, and access policies;
2) Limit the MARROW_API_KEY scope where possible and use short-lived or revocable credentials;
3) Avoid enabling this skill in environments that handle sensitive PII, secrets, or regulated data unless you have contractual/data-residency guarantees;
4) Test in a sandbox with non-sensitive operations to verify what gets logged;
5) Consider monitoring outbound network calls and auditing logged memories on the Marrow side;
6) If you cannot guarantee safe redaction or vendor controls, do not enable mandatory automatic logging.
Like a lobster shell, security has layers — review code before you run it.
agent · decision-logging · latest · marrow · memory
Runtime requirements
🧠 Clawdis
Env: MARROW_API_KEY
Primary env: MARROW_API_KEY
