Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

SEEM

v0.1.0

Advanced episodic memory system for multi-turn conversations. Store and retrieve structured conversation memories with fact graph, PPR retrieval, and three r...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (medium confidence)
Purpose & Capability
Name/description (episodic memory, retrieval, embeddings) align with what the code asks for: python, pip, an LLM API key and an embedding API key. The required env vars (LLM_API_KEY, MM_ENCODER_API_KEY) and the Python modules listed in requirements.txt (openai, numpy, networkx, rank-bm25, etc.) are appropriate for the described functionality. Note: default base_url values in the config point at third-party endpoints (e.g., api.deepseek.com, api.siliconflow.cn); these are configurable but should be verified.
Instruction Scope
The SKILL.md and scripts direct the agent to send conversation text (and optionally images) to external LLM and embedding services and to run local CLI scripts that read/write the skill's local data. The CLI falls back to reading a local config.py if env vars are not set. There are no instructions to read unrelated system files or to transmit data to unexpected endpoints beyond the configured LLM/embed base_urls, but you should assume all stored conversation data and images will be transmitted to whatever endpoints are configured.
Install Mechanism
This skill is delivered with source files and a requirements.txt but has no automated install spec. That means installing/running it will typically require pip installing the listed packages. Dependencies are common for this domain and there are no obvious remote-download-or-extract steps in the manifest. Still, because source was published with no homepage and unknown owner, install from a controlled environment and inspect dependencies before pip installing.
Credentials
The skill requests two API keys that match its needs: an LLM key (primary) and an embeddings/MM encoder key. There are no unrelated credentials requested. Caveat: these API keys (and configured base_url values) allow the skill to send all conversation and image data to the remote LLM/embed providers you supply—ensure those providers are trusted and that keys are not reused for other sensitive services.
Persistence & Privilege
The skill persists memories and related indexes to disk (save/load logic is referenced, and the CLI utilities create a data directory). The skill is marked always:false (no forced global inclusion) and disable-model-invocation:false (normal: the agent or model can call the skill). This persistence is expected for a memory skill, but be aware that stored data lives on the agent host and will be reloaded across runs when persistence is enabled.
Assessment
This skill appears internally consistent for a memory/retrieval system, but take these precautions before installing:
- Verify and set the LLM/embedding base URLs to services you trust. Default config points at third-party domains (e.g., api.deepseek.com, api.siliconflow.cn); those endpoints will receive any conversation text and images.
- Treat LLM_API_KEY and MM_ENCODER_API_KEY as sensitive secrets. Do not reuse them for unrelated accounts and prefer scoped/test keys.
- Understand the skill persists memories to disk (under the skill directory). If you do not want local persistence, disable caching/persistence in the config (enable_cache) or inspect/modify save/load methods before use.
- Because the package author and homepage are unknown, review network egress, the code paths that call the LLM/embedding APIs, and any save/load code before deploying in production.
- If you need higher assurance, request provenance (author, repo, release tag) or run the skill in an isolated sandbox to observe network traffic and file writes.

Confidence is medium because the implementation is coherent but the source is unpublished/unknown and the default endpoints are third-party; verifying endpoints and provenance would increase confidence.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bwqh0eqxshpj9v7q16nwhp183ym0r

Runtime requirements

🧠 Clawdis
Bins: python3, pip
Env: LLM_API_KEY, MM_ENCODER_API_KEY
Primary env: LLM_API_KEY
