ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Shared Memory Stack

v1.0.0

Complete reference for the shared memory architecture connecting Claude Code, OpenClaw/Kimi, and LM Studio subagents through Obsidian vault + MemPalace (Chro...

0· 42·0 current·0 all-time
by@nerua1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The documented purpose — coordinating a shared local memory (Obsidian vault + ChromaDB/MemPalace) between Claude Code, OpenClaw and LM Studio — is coherent with the instructions. However the registry metadata declares no required binaries, env vars, or config paths while the SKILL.md repeatedly references specific binaries (/opt/homebrew/bin/mempalace, /opt/homebrew/bin/capture-idea, openclaw CLI, python3), absolute filesystem paths (/Volumes/2TB_APFS/...), and GitHub/SSH usage. That mismatch (metadata says 'none' but the doc requires many local tools/keys) is an incoherence and should be explained by the author before use.
!
Instruction Scope
The SKILL.md tells operators to read/write specific local directories, run local binaries that mine and index vault contents, and communicate over a local gateway (port 18789). It also references publishing to GitHub and assumes an SSH key and gh are configured. These instructions require filesystem access and existing credentials; if an agent were allowed to execute them automatically they could read and transmit potentially sensitive local data. The instructions are not purely descriptive — they include concrete commands that would perform IO on the host.
Install Mechanism
No install specification or code files are present; the skill is instruction-only. This reduces supply-chain risk because nothing will be automatically downloaded or written by the registry install itself. All executable behavior depends on local binaries described in the documentation.
!
Credentials
The skill metadata lists no required environment variables or credentials, yet the documentation explicitly assumes access to an SSH key and the 'gh' CLI, a local OpenClaw gateway, and specific home/workspace directories. That gap is concerning: the skill expects privileged local artifacts (keys, repos, large data directories) but does not declare them. Users should not expose SSH keys, tokens, or allow automatic execution of the described commands without verifying what will run and what data will be read or transmitted.
Persistence & Privilege
The skill is not force-included (always: false) and is user-invocable. Autonomous invocation is permitted by default but is not by itself flagged here. The skill does not request to modify other skills or system-wide settings in the provided documentation.
Scan Findings in Context
[no_regex_findings] expected: The static regex scanner had no code files to analyze (instruction-only). Absence of code findings is expected for a SKILL.md-only skill, but does not imply the instructions are safe to execute.
What to consider before installing
This skill is a documentation-only guide for running a local shared-memory stack; it appears coherent in purpose but the metadata omits many operational requirements. Before installing or running anything mentioned here: 1) Do not allow an agent to run these commands autonomously — the doc includes concrete commands that will read and write local directories and could transmit data. 2) Manually verify the existence and contents of the referenced paths and binaries (/Volumes/2TB_APFS/..., /opt/homebrew/bin/mempalace, capture-idea, openclaw CLI). 3) Confirm SSH keys and 'gh' config are present and intended for use; never expose or copy private keys. 4) Review any local scripts (capture-idea, mempalace wrapper) before execution to ensure they don't call out to remote endpoints or exfiltrate data. 5) Ask the skill author to update metadata to list required binaries/credentials and to clarify which actions are purely descriptive vs meant to be executed. If you cannot validate these points, treat the skill as high-risk and avoid running the documented commands.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dq8j20e1f6ky9nktrzcgpc984pb7k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments