Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Echoic Memory

v1.0.0

Distill a beloved person who has left your life into an AI Skill. Import chat history, photos, videos, voice memos, and social media to preserve their person...

0· 32·0 current·0 all-time
by whalehat@quqicolour

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The skill's name/description (distilling a person into a local AI Skill) matches the delivered assets: parsers and analyzers for WeChat/QQ/social media, photos, and media plus tools to build/write Skill files. Required capabilities (file read, run Python parsers, write local Skill files) are proportional to the stated goal.
Instruction Scope
SKILL.md explicitly instructs the agent to read user-supplied chat exports, photos, audio/video, run the included Python tools, analyze metadata (including GPS EXIF), and write new Skill files under ./echoes/{slug}/. That processing is expected for the use case, but it will access highly sensitive personal data (chat logs, voice, location). The agent is granted Bash/Read/Write/Edit for those operations — appropriate but worth user attention.
Install Mechanism
No automatic install/download step is specified. The repo contains scripts and a requirements.txt with common Python libs (Pillow, optional ffmpeg/mutagen). No network endpoints or remote downloads are embedded in the code. Install instructions (git clone) reference a placeholder GitHub repo; cloning from an untrusted remote would be the clear external risk, but that is a standard distribution mechanism rather than hidden behavior.
Credentials
The skill requests no environment variables, credentials, or config paths. All data access is local and driven by user-supplied files. This is proportionate to the skill's stated purpose.
Persistence & Privilege
The skill does not request 'always: true' and uses normal autonomous-invocation defaults. Its lifecycle actions (creating echoes/{slug}/ directories, writing memory.md/persona.md/meta.json, versioning) are limited to its own output directories and not system-wide configuration. No cross-skill config modifications are present.
Scan Findings in Context
[pre-scan-injection-none] expected: Static pre-scan reported no injection signals. The skill contains local file parsers and does not embed network calls or credential access—consistent with the memorial use-case.
Assessment
This skill appears internally consistent with its purpose, but it will process very sensitive personal data (chat logs, photos with EXIF/GPS, voice recordings). Before installing or running it:
1) Verify the repository source you clone from (use a trusted/familiar repo or inspect the code locally) and run it in an isolated environment if concerned.
2) Be aware the skill will read any files you point it to and will write generated Skill files under ./echoes/{slug}/ — review those files if you want to remove or redact data.
3) The code includes optional dependencies (Pillow, ffmpeg, mutagen, OCR) — install only what you need.
4) If you plan to use exported chat databases, confirm those exports do not contain other people's private data you are not authorized to process.
5) If you have low tolerance for sensitive data exposure, run the scripts offline on a machine that is not connected to external networks and test with non-sensitive dummy data first.
Finally, if you want higher assurance, have someone you trust review the code (notably the small use of eval on framerate in media analyzer) before use.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
tools/media_analyzer.py:54 — Dynamic code execution detected.


latest: vk973dx36dcehw24jd0nstbw36x840rb0
