Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
memory-assistant
v1.0.1Helps users remember where they put things and schedule voice reminders. Use when the user says "记一下"/"记一下"/"提醒我", records item locations (e.g. keys, passpor...
⭐ 0· 118·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (remember item locations, schedule voice reminders) aligns with required capability (SENSEAUDIO_API_KEY and two Python scripts that call the SenseAudio TTS API and read/write items/reminders). No unrelated credentials or remote endpoints are requested beyond api.senseaudio.cn.
Instruction Scope
SKILL.md and reference claim a {baseDir} resolution and show use of load_dotenv(), but both scripts actually use Path.cwd() to choose the data directory (~/.memory-assistant or .memory-assistant in the current working directory) and do not load .env; this mismatch may cause data (items.json, reminders.json, and audio files) to be written into an unexpected workspace path. The scripts read/write local JSON files and call only the documented SenseAudio API — no other exfiltration endpoints — but they will persist possibly-sensitive location/event data in plaintext.
Install Mechanism
No install spec; scripts are instruction-only files requiring only standard Python packages (requests). No download from unknown URLs or archive extraction. Risk from install mechanism is low.
Credentials
Only SENSEAUDIO_API_KEY is required, which is appropriate for the TTS integration. The API key is sent to the documented https://api.senseaudio.cn/v1/t2a_v2 endpoint. No other secrets or unrelated env vars are requested.
Persistence & Privilege
Skill is not always-enabled and does not request elevated privileges, but it persists user data (items.json, reminders.json, generated audio) to the filesystem. Because the code chooses the data dir based on cwd, data may end up in the project/workspace directory rather than an isolated skill folder — increasing chance of accidental disclosure or inclusion in backups/version control.
What to consider before installing
This skill appears to implement the advertised feature (local storage + SenseAudio TTS) and only needs SENSEAUDIO_API_KEY. Before installing: (1) review/confirm where data will be stored — the scripts use the current working directory or ~/.memory-assistant (not a guaranteed skill-only directory), so sensitive records (e.g., passport/keys, event details) may be written into your project/workspace; (2) consider setting file permissions or configuring a safe data_dir to avoid accidental commits/backups; (3) confirm you’re comfortable that your SENSEAUDIO_API_KEY will be used to call https://api.senseaudio.cn; check SenseAudio’s privacy policy; (4) note the docs mention loading .env but the scripts do not — if you rely on .env, set env vars explicitly or edit scripts; (5) run the scripts in --dry-run first and inspect created files; (6) if you need stronger privacy, modify the code to encrypt stored data or place storage in a dedicated directory outside your workspace. These inconsistencies and privacy implications are why the skill is flagged suspicious rather than benign.Like a lobster shell, security has layers — review code before you run it.
latestvk9788atp358x8tcz5e54yvqvt183bxd8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.