Qmd Memory 1.0.0
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a coherent local memory-search skill, but it installs QMD globally, indexes local workspace notes, and can optionally share that memory with local agents.
This skill looks safe for its stated purpose if you want local QMD memory search. Before installing, confirm you trust the QMD npm package, review which Markdown files in your OpenClaw workspace will be indexed, and only start the MCP server if you are comfortable sharing that indexed memory with other local agents.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill's setup dependency can change the local environment and run code supplied by the QMD npm package.
The setup script installs QMD globally from npm without a pinned version. This is central to the skill's purpose, but it means users rely on the npm package's integrity and future updates.
npm install -g @tobilu/qmd
Install only if you trust QMD and the package source; prefer a pinned version or review the package before running setup in sensitive environments.
Private workspace notes, logs, or agent configuration files may become searchable and reusable through QMD.
The skill builds a persistent local search index from agent workspace files and memory logs. That is expected for local memory search, but these files may contain private or sensitive context.
✓ workspace — Core agent files (MEMORY.md, SOUL.md, etc.) ... ✓ daily-logs — memory/*.md daily logs ... ~/.cache/qmd/index.sqlite # Search index
Before setup, review which workspace folders contain sensitive content and add exclusions or avoid indexing files that should not become part of shared memory.
Other local agents or local processes may be able to query the indexed memory while the MCP server is running.
The optional serve command exposes the QMD memory index through a local HTTP MCP server for multi-agent use. The artifacts do not describe authentication or per-agent access controls.
All agents can now query shared memory at localhost:8181 ... qmd mcp --http --daemon
Run the MCP server only on trusted machines, verify it binds only to localhost, and avoid serving indexes that contain secrets or highly sensitive notes.
The shared memory service may remain active until manually stopped.
The serve command starts QMD as a background daemon. This persistence is disclosed and a stop command is provided, but users should be aware that the daemon continues running after the command returns.
qmd mcp --http --daemon ... Stop with: qmd mcp stop
Stop the daemon when shared memory is no longer needed and check QMD status if you are unsure whether it is still running.
