Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Memory Protocol
v1.0.1Agent memory management protocol. Activate for any memory read, write, or update operation. Defines six-category write spec, L0 sync rules, and dedup strategy.
⭐ 0· 39·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description (agent memory management) align with the SKILL.md: it defines where/how agents should write and how to retrieve memory. The use of qmd (indexing) and a local summarizer (LosslessClaw) is consistent with the stated purpose.
Instruction Scope
The SKILL.md directs agents to create and update many local files (memory/, blackboard/, L0/L1/L2 files) and to read/write conversation summaries from ~/.openclaw/lcm.db. The skill does not declare these config paths in the metadata, yet its runtime instructions assume filesystem access and modification of user / agent data. It also calls for automatic, real-time updates on events (e.g., immediate updates on project deadlines), which grants broad discretion to write persistent user data. No steps instruct explicit consent checks or protection of sensitive fields.
Install Mechanism
The skill is instruction-only (no install spec) — lowest install risk. It recommends installing third-party tools (qmd via bun/npm and LosslessClaw via openclaw plugin) from public package names or GitHub. Those are sensible for the purpose but are external dependencies you should verify come from trusted maintainers before installing.
Credentials
Requires no environment variables or declared config paths, yet the instructions assume access to specific filesystem locations (memory/, blackboard/, and ~/.openclaw/lcm.db) and agent config (openclaw.json). The lack of declared required config paths / permissions is an incoherence — the skill will need read/write filesystem privileges to be useful, and this is not surfaced in metadata. The skill would cause agents to persist potentially sensitive user/profile data to disk; ensure this is acceptable for your environment.
Persistence & Privilege
always:false (not auto-forced) and disable-model-invocation:false (normal). The SKILL.md labels the protocol 'All-Agent Protocol' (applies to all agents), which conflicts with not being always-enabled — clarify whether you must enable it broadly or keep it manual. No instructions modify other skills' configs, but it does advise editing openclaw.json to integrate qmd/lossless-claw which affects agent behavior.
What to consider before installing
This skill appears to be a legitimate protocol for organizing agent memory, but it assumes the agent can read/write local files and modify OpenClaw configuration even though the skill metadata doesn't declare required config paths or permissions. Before installing: 1) Verify the skill's source/provenance (GitHub repo, maintainer identity) and review the README/MEMORY-STACK files in that repo. 2) Confirm you are comfortable with agents writing persistent user data to memory/ and blackboard/ and storing compressed conversation summaries in ~/.openclaw/lcm.db (audit, encryption, backup policies). 3) If you prefer stricter controls, keep the skill user-invocable only (do not mark always:true) and limit agent autonomous invocation until you vet behavior. 4) Only install qmd and LosslessClaw from trusted package/repo URLs and review their code. 5) Consider running the skill in a sandboxed agent or workspace first and audit what files it creates/updates. If you want, request provenance (repository URL and maintainer contact) and a short changelog before proceeding — that would raise confidence.Like a lobster shell, security has layers — review code before you run it.
latestvk97adh5183f8swjdskgkfdd2q183yqka
License
MIT-0
Free to use, modify, and redistribute. No attribution required.