ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Local Memory 1.0.1

v1.0.0

Persistent local memory system for AI agents across conversations — file-based, zero external dependencies. Trigger when: (1) user asks to "remember" somethi...

0· 85·1 current·1 all-time
by@nickolaslab
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (persistent local memory, file-based) match the instructions which only read/write markdown files under user-home memory directories. Requested capabilities (no binaries, no env vars, no network) are proportionate. However the registry metadata/version/owner IDs are inconsistent with the _meta.json in the bundle (ownerId and version mismatches), which is unexpected for a small instruction-only skill and raises provenance questions.
Instruction Scope
SKILL.md confines operations to a small set of home-directory paths and prescribes formats and 'never write' rules for secrets and credentials, which is appropriate for a local memory feature. Still, it instructs the agent to 'proactively write important content' and to 'auto-check' MEMORY.md at conversation start — behaviors that will cause the agent to read and write local files automatically. That is within the stated purpose but increases the chance of persisting sensitive or private conversation content if the agent misclassifies data.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing is written to disk by an installer. Lowest-risk install profile.
Credentials
No environment variables, credentials, or external endpoints are requested. The declared requirements are minimal and proportionate to a file-based memory skill.
Persistence & Privilege
The skill is not always:true and has default autonomous invocation allowed (normal). The runtime behavior includes auto-checking memory at conversation start and proactively writing before context limit, meaning it may read/write local files without an explicit user 'save' command. That autonomous file access increases potential impact and should be considered before enabling.
What to consider before installing
This skill appears to do what it says (store local memory files) and does not request network access or credentials. Before installing: (1) verify the skill's source/owner — the bundle's _meta.json ownerId and version differ from the registry metadata provided, which could indicate a packaging or provenance issue; (2) consider file permissions and where the memory directory will be created (~/.claude, ~/.openclaw, ~/.agent-memory) to prevent other users or processes from reading it; (3) be mindful that the agent will auto-check and can proactively write memories — review and possibly override or limit auto-write behavior to avoid persisting sensitive conversation excerpts; (4) back up or inspect any existing MEMORY.md before first run; (5) if you need higher assurance, ask the publisher for source code or a trusted homepage before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fy740y4zsq97mpm6a0a1den83q76y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments