Langcache Semantic Caching for OpenClaw
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: openclaw-langcache Version: 1.0.0 The skill is designed for semantic caching and includes robust, explicit security measures to prevent the caching and retrieval of sensitive data. Both `scripts/langcache.sh` and `examples/agent-integration.py` implement extensive regex patterns to hard-block temporal information, credentials (e.g., API keys, passwords), identifiers (e.g., emails, phone numbers), and personal context from being stored or retrieved from the cache. While the skill uses high-privilege tools like `Bash` and `WebFetch`, their usage is strictly confined to interacting with the specified LangCache API, and there is no evidence of data exfiltration to unauthorized endpoints, malicious execution, or prompt injection attempts in `SKILL.md`.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive prompts or responses, including credentials or personal data, could be stored in the semantic cache if the override is used, despite the documentation presenting the blocks as absolute.
SKILL.md says blocked categories are "blocked at the code level" and cache operations will refuse to store them, but this helper can override the block and persist otherwise-blocked content in LangCache.
--force) force=true ... echo "Warning: --force flag used, storing anyway (not recommended)"
Remove the force override for credentials/PII, or clearly document it as a privileged action requiring explicit user confirmation and audit logging.
An accidental or misunderstood delete/flush command could remove cached responses and cannot necessarily be undone.
The skill exposes user-directed cache mutation operations, including full cache flush. This is purpose-aligned and disclosed, but destructive if run accidentally.
./scripts/langcache.sh delete --id "<entry-id>" ... ./scripts/langcache.sh flush ... Clear all entries (use with caution)
Require explicit user confirmation before delete or flush operations, and prefer scoped deletes by entry ID or tightly bounded attributes.
The API key can authorize cache reads, writes, deletes, or flushes depending on its permissions.
The helper reads local LangCache credentials and sends the API key as a Bearer token to the configured LangCache host; this is expected for the service, but the registry metadata declares no required env vars or primary credential.
source "$SECRETS_FILE" ... -H "Authorization: Bearer ${LANGCACHE_API_KEY}"Use a least-privileged LangCache key scoped to the intended cache, store it securely, and update metadata to disclose the required environment variables.