pg-memory
Pass
Audited by VirusTotal on May 11, 2026.
Findings (1)
The OpenClaw AgentSkills skill bundle "pg-memory" is classified as **suspicious**. The skill bundle implements a PostgreSQL-based memory system for AI agents, including features like natural language querying, data retention, and multi-instance support. The code and documentation demonstrate a clear intent to provide robust and secure functionality, including input validation, parameterized SQL queries, and explicit warnings about security best practices. However, several aspects introduce significant vulnerabilities and risky capabilities, which, while not indicative of *malicious intent* by the developers, could be exploited:

1. **Plaintext Password Storage**: The `client-setup.sh` and `install.sh` scripts and the `MIGRATION.md` documentation instruct or directly write database passwords into configuration files (`config.env`). Storing credentials in plaintext is a critical security vulnerability.
2. **Broad Database Privileges**: The `install.sh` script attempts to create a PostgreSQL superuser (`createuser -s`) if the initial connection fails. The `server-setup.sh` script grants `ALL PRIVILEGES` on the database and `CREATEDB` to the `openclaw_user`. While these are often necessary for database setup, they represent broad permissions that could be abused if the database user account is compromised.
3. **Network Exposure Instructions**: The `server-setup.sh` and `MIGRATION.md` explicitly instruct users to configure PostgreSQL to listen on all network interfaces (`listen_addresses = '*'`) and allow connections from any IP address (`host all all 0.0.0.0/
