Claw Store 1.3.3
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its memory-storage purpose, but it handles powerful wallet and memory secrets and can print a generated encryption key to command output, so it should be reviewed carefully before use.
Install only if you trust the publisher, the Railway API endpoint, and the Jackal dependency chain. Use a dedicated wallet, keep the mnemonic and encryption key out of chat, run first-time setup in a private terminal, and confirm what memories the agent is allowed to save.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the generated encryption key appears in an agent transcript, terminal log, or shared output, someone else could decrypt the user’s stored memories if they can access the encrypted data.
When no encryption key exists, the client generates one, saves it locally, and also prints the raw key to stderr. That key decrypts stored memories, so automatic exposure in tool output or logs is a material secret-handling risk.
key_hex = os.urandom(32).hex(); _write_secret_file(_KEY_FILE, key_hex); f" export JACKAL_MEMORY_ENCRYPTION_KEY={key_hex}\n", file=sys.stderr
Run first-time key generation in a private terminal, avoid letting the agent display stderr containing secrets, and consider changing the client to print only a backup reminder unless the user explicitly requests the key.
A vulnerable or outdated signing dependency could put wallet-related operations at higher risk, even if the skill’s intended behavior is legitimate.
The included dependency tree contains a crypto-related deprecation warning that explicitly mentions security-relevant bugs and possible private-key risk, which matters because this skill uses wallet material for Jackal operations.
"deprecated": "This uses elliptic for cryptographic operations, which contains several security-relevant bugs... However, private keys might still be at risk."
Review and update the Jackal/Cosmos dependency chain before trusting the skill with a valuable wallet mnemonic; use a dedicated low-value wallet where possible.
Incorrect, sensitive, or maliciously influenced saved memories could affect later agent behavior or reveal private context if the wrong content is saved.
The skill deliberately stores and reloads agent memory across sessions. This is purpose-aligned, but saved memory can become trusted context in future work.
"Persist your memory across sessions and machines" ... "Load your identity/memory blob on startup before doing any work" ... "Call save at session end or on significant state changes"
Save only content you are comfortable persisting, periodically review stored memory keys, and require confirmation before saving sensitive personal, business, or credential-adjacent information.
