ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawSeal

v1.0.3

Cryptographic memory for AI agents with QSEAL tamper-evidence. Zero-config demo mode, scroll-native YAML storage.

0· 62·0 current·0 all-time
byShawn Cohen@sdvegas21

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for sdvegas21/clawseal.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "ClawSeal" (sdvegas21/clawseal) from ClawHub.
Skill page: https://clawhub.ai/sdvegas21/clawseal
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3, curl
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install clawseal

ClawHub CLI

Package manager switcher

npx clawhub@latest install clawseal
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (tamper-evident local memory) matches what is present: a Python package dependency (clawseal), a small Flask HTTP bridge, curl-based usage examples, and an installer that sets up a local service. Required binaries (python3, curl) and written files (YAML scrolls) are exactly what you'd expect for this functionality.
Instruction Scope
SKILL.md and examples only direct local HTTP calls (localhost:5002), creating and verifying signed YAML memory files and using a local demo secret (~/.clawseal/demo_secret). They do instruct installing a Python package and registering an auto-start user service; they do not instruct reading unrelated system files or exfiltrating data. Note: demo mode uses a persistent file secret in the user's home directory — this is a design decision that carries a local-secret-protection risk.
Install Mechanism
install.sh uses pip to install the clawseal package and installs Flask deps via requirements.txt, then writes a per-user systemd or launchd unit and starts the service. This is a standard but moderately privileged install flow (runs package setup code and registers an auto-start service). No downloads from arbitrary IPs or URL-shorteners; package source is PyPI (pip) and files are created under the user's home/repo directory.
Credentials
The bundle requires no global credentials by default. Production mode optionally uses a QSEAL_SECRET environment variable (explicitly documented) which is appropriate and proportionate for HMAC signing. The demo secret file is created locally; users should understand that anyone with access to that file can forge signatures.
Persistence & Privilege
The installer registers a per-user auto-start service (launchd or systemd user) so the server persists and restarts on failure. This persistence is consistent with a local memory service, but users should be aware it will run on login/boot under their account and create/own scroll files and logs.
Assessment
This package appears to do what it says: a local, tamper-evident memory service. Before installing: 1) Review the upstream 'clawseal' PyPI package/source (pip install runs package code); 2) understand demo mode creates a persistent secret at ~/.clawseal/demo_secret — protect or delete it if you don't want a local long-lived secret; 3) the installer registers a per-user autostart service (launchd/systemd user) — remove the unit to uninstall persistence; 4) run the server bound to localhost by default, but check service args if you change them to avoid exposing it network-wide; 5) for production, set and protect QSEAL_SECRET (use a secrets manager), rotate regularly, and audit the scrolls directory. If you are cautious, test inside a isolated environment/container and inspect the installed 'clawseal' package source before granting it long-lived presence.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🔐 Clawdis
Binspython3, curl
agentsvk97fs59qv5eedesx1wvtnmz1h184x3a7cryptographyvk97fs59qv5eedesx1wvtnmz1h184x3a7latestvk97fs59qv5eedesx1wvtnmz1h184x3a7memoryvk97fs59qv5eedesx1wvtnmz1h184x3a7openclawvk97fs59qv5eedesx1wvtnmz1h184x3a7qsealvk97fs59qv5eedesx1wvtnmz1h184x3a7securityvk97fs59qv5eedesx1wvtnmz1h184x3a7yamlvk97fs59qv5eedesx1wvtnmz1h184x3a7
62downloads
0stars
1versions
Updated 1w ago
v1.0.3
MIT-0
Shawn Cohen@sdvegas21
agentscryptographylatestmemoryopenclawqsealsecurityyaml
Download

ClawSeal: Cryptographic Memory for OpenClaw Agents

What This Skill Does

ClawSeal adds persistent, tamper-evident memory to OpenClaw agents:

  • Remember user preferences — Scrolls signed with QSEAL (HMAC-SHA256)
  • Recall with verification — Every memory cryptographically verified on retrieval
  • Detect tampering — Any modification breaks signature immediately
  • Zero database dependencies — Pure YAML files, Git-friendly
  • Auto-demo mode — Works immediately without setup (persistent secret at ~/.clawseal/demo_secret)

When to Use This Skill

Use ClawSeal whenever you need to:

  • Remember user preferences across conversations
  • Store facts/insights that should persist
  • Verify memory integrity (compliance/audit scenarios)
  • Track user relationship evolution

Available Tools

clawseal_remember

Store a memory with QSEAL signature.

Usage:

curl -X POST http://localhost:5002/remember \
  -H "Content-Type: application/json" \
  -d '{
    "content": "User prefers concise technical explanations",
    "memory_type": "preference",
    "user_id": "openclaw_user"
  }'

Returns:

{
  "success": true,
  "memory_id": "MEM_20260415_abc123",
  "qseal_signature": "OXIaQboYCy5csPif7LWGz4scHZAB0YKpAPwVuXjCXLc=",
  "qseal_mode": "demo_ephemeral",
  "qseal_production": false
}

clawseal_recall

Retrieve memories matching a query, with QSEAL verification.

Usage:

curl -X POST http://localhost:5002/recall \
  -H "Content-Type: application/json" \
  -d '{
    "query": "user preferences",
    "user_id": "openclaw_user",
    "limit": 5
  }'

Returns:

{
  "success": true,
  "count": 2,
  "memories": [
    {
      "scroll_id": "MEM_20260415_abc123",
      "content": "User prefers concise technical explanations",
      "memory_type": "preference",
      "qseal_verified": true,
      "qseal_mode": "demo_ephemeral"
    }
  ]
}

clawseal_verify_memory

Explicitly verify a specific memory's QSEAL signature.

Usage:

curl -X POST http://localhost:5002/verify \
  -H "Content-Type: application/json" \
  -d '{
    "memory_id": "MEM_20260415_abc123",
    "user_id": "openclaw_user"
  }'

Returns:

{
  "valid": true,
  "memory_id": "MEM_20260415_abc123",
  "signature_verified": true,
  "content_intact": true,
  "qseal_mode": "demo_ephemeral"
}

Example Conversation Flow

User: "Remember that I prefer detailed technical explanations with code examples"

Agent: "I'll store that preference in ClawSeal."

Agent calls clawseal_remember:

curl -X POST http://localhost:5002/remember \
  -d '{"content": "User prefers detailed technical explanations with code examples", "memory_type": "preference", "user_id": "openclaw_user"}'

Agent: "Stored! Memory ID: MEM_20260415_abc123 (QSEAL verified)"

User (new session): "What do you know about my preferences?"

Agent: "Let me recall your preferences from ClawSeal."

Agent calls clawseal_recall:

curl -X POST http://localhost:5002/recall \
  -d '{"query": "preferences", "user_id": "openclaw_user", "limit": 5}'

Agent: "I found 1 verified memory: You prefer detailed technical explanations with code examples. (QSEAL signature verified ✅)"

Installation

Automatic (via OpenClaw):

openclaw plugins install clawseal

Manual:

# Install Python package
pip install clawseal

# Verify installation
clawseal verify

# Start server (auto-starts on port 5002)
python3 -m clawseal_openclaw.server

Production Setup

Demo mode (default): Uses persistent secret at ~/.clawseal/demo_secret

  • ✅ Works immediately
  • ⚠️ Not production-ready (ephemeral secret)

Production mode: Set QSEAL_SECRET environment variable

# Generate production secret
clawseal init

# Restart server (will detect QSEAL_SECRET)
python3 -m clawseal_openclaw.server

Memory Types

  • preference 🎯 — User preferences
  • fact 📌 — Factual information
  • insight ✨ — Insights/observations
  • decision ⚖️ — Decision records
  • general 📝 — General notes

Security Notes

  • QSEAL signatures — HMAC-SHA256, tamper-evident
  • Demo mode — Persistent local secret (chmod 600), marked in artifacts
  • Production mode — User-managed QSEAL_SECRET (rotate regularly)
  • Tampering detection — Any modification breaks signature immediately. This memory has been permanently rejected. All other memories remain verified and intact. Your agent's integrity is protected.

Comments

Loading comments...