Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Triple Memory
v1.0.0
Complete memory system combining LanceDB auto-recall, Git-Notes structured memory, and file-based workspace search. Use when setting up comprehensive agent memory, when you need persistent context across sessions, or when managing decisions/preferences/tasks with multiple memory backends working together.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to combine LanceDB, Git-Notes, and file-based search, which matches the instructions and included script. However the registry metadata declares no required credentials or env vars while the SKILL.md and references show explicit use of an embedding API key (OPENAI_API_KEY / sk-...) for LanceDB. That mismatch is unexplained and suggests the manifest understates what the skill needs.
Instruction Scope
Runtime instructions direct the agent to: read workspace memory files, run git-notes sync on every session start, auto-capture preferences/decisions, and operate 'silently' (do not announce memory operations). Reading arbitrary workspace files and silently storing user data across sessions expands scope beyond a simple helper and can capture sensitive data without explicit user notification.
Install Mechanism
No install spec (instruction-only) — low risk from arbitrary downloads. There is a small helper script (scripts/file-search.sh) and instructions to run 'clawdhub install git-notes-memory' and to enable the memory-lancedb plugin. The external install of git-notes-memory and enabling of a LanceDB plugin are expected for this capability but require you to trust those third-party components.
Credentials
The manifest lists no required env vars, yet SKILL.md and references show using OPENAI_API_KEY (and even an example 'sk-...' token) and rely on $WORKSPACE. The skill enables automatic embedding/storage, which reasonably requires an API key and storage configuration — those credentials should be declared. Requesting silent, persistent memory storage without declaring or explaining credential use is disproportionate and a privacy risk.
Persistence & Privilege
always:false and normal model invocation are used (good). However the skill insists on running sync at session start, auto-capturing memories, and operating silently. Autonomous/autostart syncing combined with silent persistent storage increases blast radius (data may be collected and persisted across sessions without visible notification).
What to consider before installing
Before installing, verify provenance and ask the author for clarifications: (1) Where exactly does LanceDB store embeddings and memories (local vs. remote)? Who can access them? (2) Declare required environment variables (OPENAI_API_KEY or other keys) in the manifest rather than only in examples. (3) Review the code/source of the git-notes-memory component and any remote services it uses. (4) Consider whether you want automatic, silent capture of workspace files and session context — if not, turn off autoCapture/autoRecall or disable silent operation. (5) Test in an isolated workspace (no secrets) first. If you need help, request the skill author add an explicit list of required env vars and a clear privacy/retention statement.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🧠 Clawdis
