Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Claw Store 1.3.3

v1.3.7

Sovereign, recoverable memory for AI agents backed by Jackal decentralized storage.

MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (sovereign agent memory on Jackal) match the code and SKILL.md. The required env vars (API key, encryption key, wallet mnemonic) are exactly what a client that provisions storage and performs client-side encryption would need. The package includes a BIP39 wordlist and wallet/key generation code, which is consistent with the stated functionality.
Instruction Scope
SKILL.md instructions limit actions to wallet/key generation, local storage under ~/.config/jackal-memory, AES-256-GCM encryption, and API calls to the provision/runtime host. The README explicitly tells the user not to paste secrets into chat and to set environment variables locally. There are no instructions to read or exfiltrate unrelated system files or credentials.
Install Mechanism
This is instruction-first with two shipped client implementations (Python and Node). There is no automatic installer in metadata; SKILL.md instructs running 'pip install cryptography' and 'npm install' in the skill folder. Dependencies are pulled from PyPI/npm (no arbitrary URL downloads), which is expected but means you should review or sandbox npm installs. package-lock.json shows widely used packages (some with deprecation/security notices in their own metadata), which is normal but worth auditing before use.
Credentials
The required environment variables (JACKAL_MEMORY_API_KEY, JACKAL_MEMORY_ENCRYPTION_KEY, JACKAL_MEMORY_WALLET_MNEMONIC) are all directly relevant to provisioning, encrypting, and signing storage transactions. The skill writes user secrets to ~/.config/jackal-memory (0600) as documented; this is expected, but the wallet mnemonic is highly sensitive and must be protected and backed up out-of-band.
Persistence & Privilege
Skill is not marked always:true and does not request elevated system-wide privileges. It stores its own files in the user's home config directory and does not modify other skills or global agent settings. The skill can be invoked autonomously (platform default), which is normal for skills and not a standalone reason for concern.
Assessment
This package appears to be what it claims: client-side AES-GCM encryption and wallet-based storage on Jackal. Before installing:
1) Verify you trust the runtime API host (BASE_URL is https://web-production-5cce7.up.railway.app, different from the homepage); you may prefer an official or self-hosted endpoint.
2) Do not paste your encryption key or mnemonic into chat; set env vars locally and keep backups offline.
3) Review and audit the npm dependencies (run npm audit) and consider installing in an isolated environment or container.
4) Understand that the JACKAL_MEMORY_WALLET_MNEMONIC controls on-chain ownership; losing it could mean permanent loss of access.
If you need higher assurance, consider generating and storing the mnemonic in a hardware wallet or secure vault and only using stateless provisioning keys for the agent.
jackal-memory/jackal-client.js:55
Environment variable access combined with network send.
jackal-memory/jackal-client.js:53
File read combined with network send (possible exfiltration).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk970jf45d439wtzq0ax8hpe1cd82zr9f

Runtime requirements

🧠 Clawdis
Env: JACKAL_MEMORY_API_KEY, JACKAL_MEMORY_ENCRYPTION_KEY, JACKAL_MEMORY_WALLET_MNEMONIC
