Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Engramai
v1.0.0Neuroscience-grounded memory for AI agents. Add, recall, and manage memories with ACT-R activation, Hebbian learning, and cognitive consolidation.
⭐ 0· 35·0 current·0 all-time
by@shing19
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name and description (neuroscience-grounded memory) match the SKILL.md: it documents an installable Python package, a client API, CLI, and an MCP server. Requiring python3 and a pip package is expected. Minor inconsistencies: SKILL.md claims 'Zero Dependencies' while also instructing 'pip install engramai'; links include both PyPI and an unrelated-sounding npm package which is unusual but possibly indicating multi-language ports.
Instruction Scope
Instructions tell agents to store and recall arbitrary memories, run a local MCP server, and recommend storing high-importance items (example list includes 'API keys location' under critical info). Although SKILL.md also warns against storing sensitive data, the Importance Guide explicitly lists API key locations as 'critical info' — this is contradictory and risks agents storing secrets. Running the MCP server with a writable DB path under ~/.clawdbot is expected for a memory tool, but it does give the package direct read/write access to the agent's memory DB.
Install Mechanism
The skill is instruction-only in the registry (no install spec), but SKILL.md instructs users to 'pip install engramai' (PyPI). Installing a package from PyPI is common and traceable, but it executes third‑party code on the host—there is no packaged install spec or checksum in the registry to verify provenance. No direct red flags like IP download URLs were present.
Credentials
The skill requests no environment variables in metadata, which is reasonable. However, the documentation suggests storing extremely sensitive items (API keys location) at high importance and configuring ENGRAM_DB_PATH to point to the agent DB. That combination could enable the package to access secrets stored in the same DB. The skill does not justify why secrets would be stored or how they would be protected/encrypted.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The MCP server pattern implies the package could be run as a long-lived process that reads/writes the agent DB; this is consistent with a memory service but increases blast radius compared to an ephemeral library. No evidence the skill attempts to modify other skills or system-wide settings.
What to consider before installing
This skill is internally coherent as a memory tool, but there are several things to check before installing or enabling it: 1) Verify the PyPI package and GitHub repository (author identity, recent commits, stars, open issues) and prefer pinned versions and checksums. 2) Inspect the package source (or ask for a code audit) before running pip install, because it will run code on your host and can read/write the agent DB. 3) Don’t store secrets in the memory DB; change the guidance that lists 'API keys location' as storable—keep secrets in a dedicated secret manager and never mark them as normal memories. 4) If running the MCP server, run it in a restricted environment (container or limited user) and ensure the DB file is encrypted or access-limited. 5) Ask the skill author for privacy/security details: whether the DB is encrypted, how rewards/exports handle sensitive fields, and whether the MCP server binds only to localhost. If you need, provide the package name and I can look up the PyPI/GitHub repository and summarize maintainer details and recent code activity.Like a lobster shell, security has layers — review code before you run it.
latestvk9768t73ckfzdee8bs2j4gp61583zdgv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧠 Clawdis
Binspython3