Memory Write
Security checks across malware telemetry and agentic risk
Overview
This memory-writing skill is purpose-aligned, but it asks the agent to automatically archive broad daily work and chat records into persistent memory without clear user approval, scope, retention, or exclusion controls.
Review this skill carefully before installing. It is an instruction-only memory tool, but it is designed to record a lot of work and chat content automatically. Use it only if you are comfortable with persistent memory being created, and define clear limits for what can be saved, when it runs, how long records are kept, and what sensitive content must be excluded.
VirusTotal
58/58 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private work details, ideas, or accidental sensitive content could be retained and reused later without clear limits.
The skill instructs the agent to record all daily work and temporary ideas without filtering, which can capture sensitive or irrelevant information into persistent memory.
- 每天做的所有事 - 彧哥的临时想法(突发要事) - 做完就完了的事 - **不判断价值,全部记**
Only use this skill with clearly scoped memory folders, explicit exclusions, and user approval for what may be stored and reused.
Conversation history may be stored broadly and repeatedly, increasing privacy and future-context poisoning risk.
The skill directs hourly automatic archiving of chat records into persistent files, but does not specify consent, scope, retention, redaction, or who can access those records.
| 每小时自动归档 | memory/冷/聊天记录/YYYY/MM/DD/YYYY-MM-DD-HH.jsonl |
Require explicit opt-in for chat archival, define which chats are included, set retention limits, and add redaction rules for sensitive content.
Mistakes, sensitive details, or untrusted instructions from conversations could become embedded in future memory and influence later work.
The skill says important conversations are stored, reorganized, split, vectorized, and used to build architecture, but it does not define validation or boundaries for what becomes trusted memory.
| 彧哥+豆包重要对话 | 存中转区 → 小蜂夜间规整、拆份、向量化、拼架构 |
Add a review step before vectorization or architecture synthesis, and mark archived chat-derived content as untrusted until approved.
The agent may keep writing memory records even when the user did not specifically ask for a record to be created.
The skill explicitly tells the agent to perform automatic writes without human triggering, which creates autonomous persistent behavior beyond normal user-directed note taking.
*本模块负责自动化写入,不依赖人触发。*
Require user confirmation or a clearly documented schedule/enable switch before any automatic memory writing occurs.
Users have less assurance that the displayed registry entry and packaged artifact metadata refer to the exact same release.
The embedded metadata differs from the provided registry metadata, which lists a different owner ID and version 1.0.4. This does not show malicious behavior, but it weakens provenance clarity.
"ownerId": "kn73vp5rarc3b14rc7wjcw8f8580t5d1", "slug": "memory-write", "version": "1.0.3"
Publisher should align _meta.json with the registry owner, version, and publication data before release.