Agent Memory Ops
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent local memory-audit helper, with the main caution that it reads and helps curate persistent agent memory files.
Install only if you want an agent to inspect workspace memory files. Run it in the intended project root, review all suggested memory updates before applying them, and do not promote secrets, tokens, or temporary private details into long-term memory.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Memory content may be surfaced to the agent and proposed for long-term retention, which can influence future responses.
The skill reads persistent memory and daily notes, then suggests facts to keep in long-term memory. That is purpose-aligned, but it can affect future agent context and may involve sensitive personal or project information.
- scans `MEMORY.md` + `memory/*.md` - extracts memory candidates from recent daily notes ... 3. Promote only durable facts into `MEMORY.md`.
Review digest/report output before saving changes to MEMORY.md, and avoid retaining secrets or temporary/private details unless intentionally requested.