Plugin

This skill appears to implement an encrypted agent memory, but there are several red flags you should address before installing or supplying secrets: 1) Metadata in the registry/frontmatter claims no environment variables, but the code and README require a 12-word recovery phrase (TOTALRECLAW_RECOVERY_PHRASE), a server URL, and potentially many LLM provider API keys — verify why each key is needed. 2) The recovery phrase is the single recovery mechanism and is highly sensitive; do not reuse any phrase tied to real crypto wallets (the README warns this), and avoid setting it as an env var on shared machines unless you trust both the client code and the server. 3) The skill will send a derived auth key (raw hex) as a Bearer token to the configured server (default api.totalreclaw.xyz); even if blobs are encrypted, the auth token and metadata are sent — audit the server and network endpoints before use. 4) The skill reads many unrelated provider API keys (OpenAI, Anthropic, Gemini, etc.); only provide keys you explicitly trust the skill to use. 5) SKILL.md includes strong prescriptive instructions and was flagged for a possible system-prompt override — manually inspect SKILL.md and the code for any instructions that would alter agent/system prompts or exfiltrate data. 6) Because the package uses a third-party WASM module (@totalreclaw/core) and contains client code that will run in your agent environment, review the source of that module and consider running the skill in an isolated/test agent (or self-host the server) first. If you are not able to audit the code and server, avoid providing the recovery phrase or LLM keys and prefer a local/self-hosted deployment. If more information (server source code, npm package provenance, or a clear list of env vars actually required at runtime) is provided, I can re-evaluate and raise or lower the risk assessment.