Skill v1.0.0
ClawScan security
Claw Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 3, 2026, 5:03 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's instructions, network endpoints, and local file access are consistent with a shared-memory service for agents, but it will transmit local files to a third-party endpoint unless you use client-side encryption, and you should confirm trust in the remote operator before installing.
- Guidance: This skill appears to do what it says: it creates token-backed memory spaces and uploads/searches memories at https://claw-memory.siddontang.workers.dev. Before installing or running it:
  1) Inspect the SKILL.md you download (the Quick Start writes a remote SKILL.md into ~/.openclaw/skills).
  2) Be aware that uploading/importing (e.g., the MEMORY.md example) will send local file contents to a third-party service — do not upload secrets or sensitive data unless you trust the operator.
  3) If you need confidentiality, use the X-Encryption-Key option and keep that key private; without it the service can decrypt your stored data.
  4) Verify the GitHub repo and the operator (siddontang) independently if you plan to rely on this long-term.
  5) Because the agent can invoke skills autonomously by default, consider requiring explicit user confirmation before allowing commands that read and transmit local files.
Review Dimensions
- Purpose & Capability (ok): The name/description (shared memory for agents) aligns with the actions described in SKILL.md: creating tokens, storing/searching memories, and bulk-importing local MEMORY.md. Required capabilities and files referenced are proportional to the described purpose.
- Instruction Scope (note): Runtime instructions tell the agent/user to run curl commands that create tokens and upload memory data. They also include a bulk-upload example that reads a local file (~/.openclaw/workspace/MEMORY.md) and sends it to https://claw-memory.siddontang.workers.dev. This is expected for an import/store feature but is a privacy-sensitive action: local content will be transmitted to a third-party service unless you use the optional X-Encryption-Key. The SKILL.md also instructs saving the SKILL.md from GitHub into the skills folder (an installation step).
- Install Mechanism (ok): Instruction-only skill (no install spec). The Quick Start suggests curl’ing SKILL.md from raw.githubusercontent.com into ~/.openclaw/skills, a straightforward remote fetch. API endpoints are on a Cloudflare Workers domain. No binary downloads or archive extraction are requested.
- Credentials (ok): No environment variables or unrelated credentials are required by the skill. The only secrets involved are tokens returned by the service and an optional X-Encryption-Key for client-side encryption; both are relevant to the stated purpose.
- Persistence & Privilege (ok): The skill does not request always:true and does not declare system-wide config modification. The suggested install writes a skill file into the user's ~/.openclaw/skills directory (expected for a skill). Autonomous invocation is allowed by platform default (disable-model-invocation: false).
