ClawHub

OpenClaw Memory Audit

Scan the agent workspace and memory logs for leaked API keys, tokens, or sensitive credentials. Use when the user requests a security check, a memory audit,...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 1k · 0 current installs · 0 all-time installs
by@shingo0620
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the code: a Python script walks the workspace and looks for API keys, JWTs, AWS keys, and other long secrets. The only runtime requirement declared (python3) is appropriate for the included script.
!
Instruction Scope
SKILL.md says the tool scans 'workspace and memory logs' and verifies a recurring audit schedule using cron.list(). The shipped script only walks filesystem files in the provided root directory (workspace) and does not access any agent memory store or memory-log APIs. If you expect it to scan in-memory conversation logs or a separate memory DB, this implementation does not do that. Also the SKILL.md instructs the agent to call cron.list() (an OpenClaw runtime action) which is outside the Python script — that split is fine but is a behavioural mismatch that should be documented clearly.
Install Mechanism
Instruction-only with a small Python script; there is no installer, no external downloads, and no archives being extracted. This is low-risk from an install-mechanism perspective.
Credentials
The skill requests no credentials or environment variables and the script does not read or transmit env vars. There is no indication of unrelated credential access. The patterns the script searches for are broad (may produce false positives) but that is proportional to a secrets scanner.
Persistence & Privilege
The skill does not request permanent/always-included status and does not modify other skills or system configuration. It only runs when invoked.
What to consider before installing
This skill appears to be a simple, local secrets scanner and does not exfiltrate data, but note the following before installing or running it: - The script only scans files under the workspace path you give it; it does NOT read agent memory stores or in-memory conversation logs even though the SKILL.md mentions 'memory logs'. If you need memory-store scanning, you'll need additional tooling or explicit instructions to the agent to access that store. - The scanner prints file paths and line numbers for matches (with values masked). Treat the output as sensitive: it reveals where a secret was found even if the secret value is partially redacted. - The regexes are intentionally broad (e.g., generic 32+/40+ char tokens) and can generate false positives. Review findings manually before revoking credentials. - Because the tool reads all text files recursively, run it in an environment where the agent is permitted to read the workspace (no unintended mounts). Consider running in a sandbox or with a copy of the workspace if you are concerned about accidental exposure of file metadata. If you want the skill to actually scan agent memory or a separate logs DB, ask the author to either: (1) document exactly which memory/log store it will access and request only the minimal API/credentials needed, or (2) include code that explicitly reads from that memory store (with clear, auditable behavior).

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.1.2
Download zip
latestvk9728ww2mtkz8rtwhbf5731ak181mx1d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3

SKILL.md

Memory Security Audit

This skill provides a specialized tool to scan the workspace and memory log files for accidentally exposed secrets and ensures a healthy audit routine.

Security / Scope (Important)

  • This skill performs local, read-only scanning of files to detect secret-looking patterns.
  • It does not require (and must not include) any provider credentials.
  • Scheduling checks use OpenClaw's cron tool (listing/recommending a job). It does not edit configs automatically.

Audit Workflow

1. Secret Scanning

Run the scanning script to check all text files in the workspace (excluding a small set of known safe/noisy files like openclaw.json).

# from your OpenClaw workspace root:
python3 skills/openclaw-memory-audit/scripts/scan_secrets.py .

# or, if you are inside the skill folder:
python3 scripts/scan_secrets.py ..

2. Schedule Verification

Check the active cron jobs to ensure a recurring security audit is configured.

  • Call cron.list() and look for jobs related to "memory security" or "audit".
  • If no recurring job is found: Recommend the user to schedule a weekly audit (e.g., every Monday at 09:00).
  • If found: Confirm the next run time to the user.

What it checks for:

  • OpenAI API Keys (including project keys)
  • Telegram Bot Tokens
  • JWT Tokens (n8n, etc.)
  • Generic Alphanumeric Secrets (32+ characters)
  • AWS Credentials

Recommendations if secrets are found:

  1. Revoke the secret immediately at the provider's dashboard.
  2. Delete or redact the file containing the secret.
  3. Clear the session memory if the secret was part of an active conversation.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…