Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Openclaw Sulcus Skill
v3.12.0
Equip your agent with Sulcus — thermodynamic memory with a knowledge graph. SIU v2 pipeline auto-classifies and scores memories. Apache AGE enables temporal...
by Dooley @mcdoolz
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description and SKILL.md consistently describe a Sulcus memory system (memory_store, memory_recall, triggers, curator). The SKILL.md also declares it requires plugin 'openclaw-sulcus', which makes the instruction-only form plausible. However, the skill does not provide any network endpoints, credentials, or deployable components for the described server-side features, so it is incomplete: it assumes an external backend/plugin that is not included or documented here.
Instruction Scope
Instructions describe reactive triggers and an action 'webhook' that will call external URLs with memory context. Triggers run automatically on memory events (on_store/on_recall/etc.) and a curator runs background passes. These behaviours can cause sensitive memory contents to be sent to arbitrary external endpoints or otherwise be acted on automatically. The SKILL.md does not specify safeguards, consent prompts, or whitelist restrictions for webhooks or trigger actions.
Install Mechanism
There is no install spec and no code files — this is instruction-only. That minimizes the risk of arbitrary code being written/executed by the installer. The skill does rely on an external plugin/backend, but it does not attempt to install or download code itself.
Credentials
The skill requests no environment variables or credentials. That might be fine if the runtime platform or the required plugin supplies access. However, the documented features (webhooks, curator, AGE graph, etc.) normally require endpoints and credentials; the absence of any declared credential requirements means the instructions omit where or how external calls are authorized and raises the risk of misconfiguration or hidden requirements.
Persistence & Privilege
always is false and autonomous model invocation is allowed (the platform default). That is normal, but because triggers can fire automatically and call external webhooks, autonomous invocation increases the blast radius: the agent could autonomously send stored memories out-of-band if triggers are enabled. The skill does not request system-wide config changes or other skills' credentials.
What to consider before installing
This skill describes a server-side memory system with automatic triggers and webhook actions but provides no backend endpoints, credentials, or safety guardrails. Before installing, confirm: (1) where the Sulcus backend lives and which plugin provides it; (2) whether webhook URLs and trigger rules are editable and restricted (whitelisting only trusted endpoints); (3) that you will not store secrets or private data in memories unless you control or verify the webhook and trigger configurations; (4) who operates the backend (no homepage/owner information is provided here); and (5) that explicit documentation exists for authentication, data retention, and privacy (request it if it does not). If you cannot verify those points, treat the skill as risky and avoid storing sensitive data with it.
Like a lobster shell, security has layers — review code before you run it.
