Membox Cloud Sync

Review

Audited by ClawScan on May 1, 2026.

Overview

No malicious behavior is shown; the skill is a coherent encrypted memory-sync guide, but it involves an external plugin, account sessions, sensitive memory files, and optional unattended sync that users should review carefully.

This skill appears purpose-aligned for encrypted OpenClaw memory sync. Before installing, verify the external Membox plugin package, understand that MEMORY.md and memory/YYYY-MM-DD.md may be encrypted and uploaded, keep passphrase and recovery files private, and enable managed unlock or scheduled sync only if you intentionally want unattended operation.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The external plugin will be trusted to handle memory sync, sessions, passphrase files, and recovery material, so package provenance matters.

Why it was flagged

The skill depends on installing an external npm-distributed plugin that is not included in the artifact set and is not version-pinned in the instructions.

Skill content

Plugin:

- `openclaw plugins install @membox-cloud/membox`

... plugin distribution lives at npm

Recommendation

Before installing, verify that @membox-cloud/membox is the intended package, review its source or publisher if available, and prefer pinned or known-good versions for sensitive deployments.

What this means

A paired device can access and mutate the user's Membox sync state until revoked or logged out.

Why it was flagged

The device flow returns account access and refresh tokens for Membox, which are expected for the service but grant ongoing account/device access.

Skill content

"access_token": "atk_123",
"refresh_token": "rtk_123",
"token_type": "Bearer"

Recommendation

Pair only trusted devices, keep local session storage private, revoke devices you no longer use, and do not paste passphrases or recovery codes into chat.

What this means

Sensitive personal or work context stored in OpenClaw memory may be encrypted and uploaded to the Membox service for cross-device reuse.

Why it was flagged

The skill intentionally syncs persistent memory files, which may contain private user context, while also defining a narrow default scope.

Skill content

Default local facts to sync:

- `MEMORY.md`
- `memory/YYYY-MM-DD.md`

Do not include derived caches or indexes by default

Recommendation

Review what is stored in MEMORY.md and memory/YYYY-MM-DD.md, keep the default narrow scope unless needed, and confirm you are comfortable syncing that memory to the service.

What this means

Incorrect or unintended sync actions could overwrite, remove, or restore memory state across devices.

Why it was flagged

The documented sync API can create/update and delete remote encrypted memory objects, which is expected for sync but can affect user data.

Skill content

- `POST /sync/objects/commit`
- `DELETE /sync/objects/{object_id}`

Recommendation

Use preview/conflict-safe restore behavior, keep local backups before first sync or restore, and confirm destructive delete or restore actions when possible.

What this means

If enabled, sync can continue outside the active chat session and may use managed unlock to run without interactive passphrase entry.

Why it was flagged

The skill supports ongoing local scheduled sync and unattended operation, but it explicitly ties this to local scheduling and an approved unlock path.

Skill content

Use a local scheduler, not a remote server-side job... Do not schedule unattended sync unless the machine already has an explicit local unlock path.

Recommendation

Enable scheduling or managed unlock only if you want unattended sync, understand where the scheduler is installed, and know how to disable it later.