Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Context Booster
v0.1.2Use this skill when managing long-context conversations and tasks. Provides intelligent compression, key extraction, context enhancement, memory retrieval, a...
⭐ 0· 69·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description describe context compression, memory retrieval, and enhancement and the SKILL.md contains detailed procedures and examples that align with that purpose. The skill does not ask for unrelated credentials or cloud access. The presence of a package.json (Node entrypoint) without any source code is slightly odd but not inconsistent with an instruction-only meta-skill.
Instruction Scope
SKILL.md instructs the agent to read/write and manage local memories and mentions file paths such as ~/.openclaw/skills/ and ~/workspace/skills/. Those actions are within scope for a context-management skill, but the frontmatter lists powerful tools (Bash, Exec) which would allow arbitrary shell execution if the agent uses them. The document also asserts local encryption and GDPR compliance — these are policy/architecture claims not verifiable from the provided files.
Install Mechanism
No install spec or downloads are present (instruction-only), so nothing gets written to disk by an installer. This is the lowest-risk install model. The package.json exists but no src/ code is packaged; that alone is not a direct install risk but is unexpected for a module advertised with a JS API.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate to its stated functionality. There are no requests for unrelated secrets. However, because the skill is instruction-only it may use the agent's runtime capabilities (read/write/exec) to access local files — this is permitted by the instructions but should be considered by the user.
Persistence & Privilege
Flags show always:false and model invocation is allowed (default). The skill does not request persistent platform-level privileges or modifications to other skills. There is no evidence of forced inclusion or elevated persistent privileges.
Assessment
This skill appears internally consistent with its purpose and asks for no credentials, which is good. But it's an instruction-only meta-skill: it tells the agent to read/write local context and (per frontmatter) may use shell/exec tools. Before installing or enabling it broadly, consider: 1) verify the implementation — ask the author for the source code or a repo so you can confirm the claimed local encryption and retention behavior; 2) run it in a limited/sandboxed environment first (or with a test account) because the agent could be instructed to read or modify local files; 3) confirm the publisher identity and support channels (the README references endpoints and a maintainer name that you may want to validate); 4) if you rely on the privacy claims (GDPR, local encryption), require proof/technical details or use the enterprise/private-deploy option. If you want additional assurance, request the missing source files (src/) or a minimal audited implementation before trusting it with sensitive data.Like a lobster shell, security has layers — review code before you run it.
latestvk97ezw8mhck04v8hp25w9w1ep984aw9s
License
MIT-0
Free to use, modify, and redistribute. No attribution required.