Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Memory Cleanup Assistant

v1.0.1

Automatically audits and compresses memory and context files to reduce token usage and save weekly API costs without data loss.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to audit and compress SOUL.md, AGENTS.md, MEMORY.md and daily memory files — the included code (index.ts) inspects those files (and additionally TOOLS.md) under ~/.openclaw/workspace and computes savings. That is consistent with the stated purpose. Minor mismatch: SKILL.md never mentions TOOLS.md but the code analyzes it. Also SKILL.md advertises a CLI named 'memory-cleanup' but the package contains TypeScript source only and no install/build instructions or binary, so the runtime user experience as documented is incomplete.
Instruction Scope
SKILL.md instructs running a 'memory-cleanup' CLI and adding an auto-run entry to HEARTBEAT.md for scheduled automatic execution. The instructions read and write files under ~/.openclaw/workspace (config, backups, memory files) which is expected for this purpose. However the skill provides no install spec for the CLI and no guidance for building/running the included TypeScript, so following the instructions as-is may fail or cause unexpected behavior if users run an unrelated 'memory-cleanup' binary. The documentation's claims about 'Git commit before cleanup' and 'automatic backups' should be verified against the full code before trusting automated execution.
Install Mechanism
There is no install specification (no packaging, no brew/npm, no binary). Yet a full TypeScript source file (index.ts) is included. That is not inherently malicious, but it's an incoherence: the SKILL.md commands expect an executable CLI; the repo does not provide build/install instructions or a packaged binary. Users would need to manually compile/run the TypeScript or trust a separate distribution channel, which increases risk and friction.
Credentials
The skill requests no environment variables or external credentials and only accesses files under the user's workspace (~/.openclaw/workspace) and HOME. This is proportionate to the stated file-cleaning purpose. The code imports only fs/path/crypto and uses process.env.HOME; there are no network calls, child_process.exec, or third-party credential requests evident in the provided portions.
Persistence & Privilege
The skill does not request elevated privileges and is not 'always' enabled. It writes its own config and backups under the workspace directory, which is appropriate for this function. Adding the CLI to an automated heartbeat would give it recurring execution rights — that is intentional for auto-cleanup but should only be enabled after verifying the code and backup/restore behavior.
What to consider before installing
Before installing or enabling auto-cleanup:

1) Do not enable automatic scheduled runs until you (or someone you trust) has reviewed the full index.ts to confirm how backups, archive, git commit, and restore are implemented.

2) Confirm how to actually run the tool: the SKILL.md references a 'memory-cleanup' CLI but the package contains only TypeScript source with no build/install steps — you'll need to compile or otherwise install a matching executable.

3) Run 'memory-cleanup clean --dry-run' (or the audit method) first and verify backups exist in ~/.openclaw/workspace/.memory-backup before any destructive actions.

4) If you use git, be aware the tool may commit changes (per docs); check that commits won't push sensitive content to remotes.

5) If you plan to enable auto-cleanup in HEARTBEAT.md, verify schedule, threshold, and last_cleanup behavior and test restore functionality.

Overall the functionality aligns with its purpose, but the missing install/build instructions and some doc/code mismatches are reasons to inspect the code directly and test in a safe environment before trusting automated runs.
