memclaw
Security checks across static analysis, malware telemetry, and agentic risk
Overview
MemClaw is a coherent memory-management skill, but it relies on a separate plugin that can persist conversation and personal memory and may use configured LLM or embedding credentials.
The reviewed artifacts show no clear malicious behavior. Before installing, confirm that you want MemClaw to replace built-in memory, verify the source of the separate plugin, understand where memory is stored, and check whether your configured LLM/embedding provider is local or external.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Conversations, preferences, personal details, and learned agent instructions may persist and be recalled later.
The skill stores user-specific personal information, session timelines, and agent-specific instructions in persistent memory, which is expected for a memory plugin but can affect future context and privacy.
`user/{user_id}/... personal_info/{name}.md` ... `agent/{agent_id}/... instructions/{name}.md` ... `session/{session_id}/timeline`
Use separate session IDs for different projects, avoid storing secrets, and review plugin settings for retention, deletion, and memory isolation controls.
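The two recommendations above (keep sessions separate, keep secrets out of persisted memory) can be enforced at the point where memory is written. The following is an added example, not MemClaw or OpenClaw code: it assumes a file layout of `{scope}/{id}/{category}/{name}.md` modelled on the path patterns quoted in the finding, validates every path component so an agent-supplied ID cannot escape the memory root, and refuses to persist content that matches a set of constructed secret-like patterns.

```python
import re
import tempfile
from pathlib import Path

# Added example, not MemClaw/OpenClaw code. The layout {scope}/{id}/{category}/{name}.md
# is assumed from the path patterns quoted in the report; adapt it to the real plugin.
SCOPES = {"user", "agent", "session"}
SAFE_COMPONENT = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")

# Constructed patterns for secret-like content; extend for the providers you use.
SECRET_PATTERNS = {
    "openai-style key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),
    "aws access key id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "private key block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "credential assignment": re.compile(r"(?i)(api[_-]?key|secret|token|password)\s*[:=]\s*\S{8,}"),
}


def find_secrets(text: str) -> list[str]:
    """Labels of every secret pattern that matches the text (empty list when clean)."""
    return [label for label, pat in SECRET_PATTERNS.items() if pat.search(text)]


def is_safe_component(part: str) -> bool:
    """One path segment: alphanumeric start, no slashes, no leading dot (rejects '..')."""
    return bool(SAFE_COMPONENT.match(part))


def memory_path(root: Path, scope: str, scope_id: str, category: str, name: str) -> Path:
    """Resolve the target file and prove it stays inside the memory root."""
    if scope not in SCOPES:
        raise ValueError(f"unknown scope {scope!r}")
    for part in (scope_id, category, name):
        if not is_safe_component(part):
            raise ValueError(f"unsafe path component {part!r}")
    target = (root / scope / scope_id / category / f"{name}.md").resolve()
    if root.resolve() not in target.parents:  # belt and braces after the regex check
        raise ValueError("path escapes memory root")
    return target


def store_memory(root: Path, scope: str, scope_id: str, category: str, name: str, content: str) -> Path:
    """Persist a memory entry, refusing secret-like content before anything touches disk."""
    hits = find_secrets(content)
    if hits:
        raise ValueError(f"refusing to persist secret-like content: {', '.join(hits)}")
    target = memory_path(root, scope, scope_id, category, name)
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_text(content, encoding="utf-8")
    return target


def demo() -> dict:
    """Exercise the gate against a temporary memory root with constructed inputs."""
    root = Path(tempfile.mkdtemp(prefix="memory-"))
    results = {}
    stored = store_memory(root, "session", "proj-a", "timeline", "2024-05-01",
                          "Discussed schema migration.\n")
    results["stored"] = stored.relative_to(root).as_posix()
    attempts = {
        "secret": ("user", "alice", "personal_info", "keys",
                   "OPENAI_API_KEY=sk-abcdefghijklmnopqrstuvwxyz012345\n"),
        "traversal": ("user", "../../etc", "personal_info", "passwd", "x\n"),
    }
    for label, args in attempts.items():
        try:
            store_memory(root, *args)
            results[label] = "accepted"
        except ValueError as err:
            results[label] = str(err)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The regex on path components is the primary control; the `parents` check after `resolve()` catches anything the regex author forgot, such as a symlinked category directory pointing outside the root. Tune the secret patterns to your own providers, and treat a match as a reason to ask the user rather than silently dropping the entry.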
Your configured LLM or embedding provider credentials may be used by the MemClaw plugin.
The skill expects provider credentials for LLM/embedding configuration. That is purpose-aligned, but it is sensitive account access.
API keys are configured through OpenClaw plugin settings and are marked as sensitive fields.
Use least-privilege provider keys where possible, keep OpenClaw configuration private, and rotate keys if exposed.
Installing the separate plugin introduces executable behavior that was not statically reviewed here.
The reviewed skill is instruction-only; actual runtime behavior depends on a separate plugin that is not included in the artifact set.
This skill requires the memclaw plugin from the official Clawhub repository ... via the `openclaw plugins install` command
Install only from the official repository, verify the plugin source/version, and review its permissions before enabling it.
A user might assume all processing is local even if they configure a cloud LLM or embedding provider.
The documentation claims no external data transmission, but the same sentence exempts the configured LLM/embedding provider; if that provider is a hosted service, memory content and queries are sent to it. Users should confirm whether their provider is local or external.
No External Data Transmission: Does NOT send data to external servers ... API keys ... other than your configured LLM/embedding provider
Confirm the configured provider endpoint and read the plugin’s provider settings before storing sensitive memory content.
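Confirming the provider endpoint can be done mechanically from the configured base URL. The following is an added example, not MemClaw or OpenClaw code: it assumes a provider config shaped as a dict of entries with a `base_url` key (read the real keys from your OpenClaw plugin settings), classifies each endpoint as local or external from the host literal without any network access, and flags cleartext schemes to external hosts. A DNS name that is not on the local allow-list is treated as external, because offline it cannot be proven to point at the host.

```python
import ipaddress
from urllib.parse import urlsplit

# Added example, not MemClaw/OpenClaw code. The config shape (entries with a
# "base_url" key) is assumed; the provider names and URLs below are constructed.
LOCAL_HOSTNAMES = {"localhost", "localhost.localdomain", "host.docker.internal"}


def classify_endpoint(url: str) -> dict:
    """Decide offline whether a provider URL stays on this host and what to warn about."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    scheme = parts.scheme.lower()
    if not host:
        return {"host": host, "scheme": scheme, "local": False,
                "warnings": ["no host in endpoint URL"]}
    if host in LOCAL_HOSTNAMES:
        local = True
    else:
        try:
            ip = ipaddress.ip_address(host)
            local = ip.is_loopback or ip.is_private or ip.is_link_local
        except ValueError:
            # A DNS name we cannot resolve offline: assume external until verified.
            local = False
    warnings = []
    if not local:
        warnings.append("external endpoint: memory content and queries will leave this host")
        if scheme != "https":
            warnings.append(f"cleartext scheme {scheme!r} to an external endpoint")
    return {"host": host, "scheme": scheme, "local": local, "warnings": warnings}


def review_provider_config(config: dict) -> dict:
    """Classify every provider entry that carries a base_url."""
    return {
        name: classify_endpoint(entry["base_url"])
        for name, entry in config.items()
        if "base_url" in entry
    }


def external_providers(config: dict) -> list[str]:
    """Names of providers whose endpoint leaves the host."""
    return sorted(name for name, res in review_provider_config(config).items() if not res["local"])


# Constructed sample settings: a local LLM server next to a hosted embedding API.
SAMPLE_CONFIG = {
    "llm": {"base_url": "http://localhost:11434/v1", "api_key": "<redacted>"},
    "embedding": {"base_url": "https://embeddings.example.com/v1", "api_key": "<redacted>"},
}


if __name__ == "__main__":
    for name, res in review_provider_config(SAMPLE_CONFIG).items():
        status = "local" if res["local"] else "EXTERNAL"
        print(f"{name}: {res['host']} ({status}) {'; '.join(res['warnings'])}")
```

Note that Python's `is_private` also covers the RFC 5737 documentation ranges, so a test value such as 203.0.113.10 would be classed as local; use a real hostname or public address when checking your own configuration.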
Memory maintenance or migration could change, reindex, or prune stored memory data.
Maintenance and migration tools can change memory indexes or migrate existing memory. This is purpose-aligned but should be used deliberately.
`cortex_maintenance` ... `dryRun` default `false` ... commands `["prune", "reindex", "ensure-all"]`; `cortex_migrate` ... Migrate from OpenClaw native memory
Run migration or maintenance only when intended, set `dryRun` to `true` for a preview before running for real (the default is `false`), and back up important memory data first.
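Backing up first and previewing the change set can be wrapped around any maintenance step. The following is an added example, not MemClaw or OpenClaw code: it assumes memory lives in a directory tree, snapshots a SHA-256 manifest of that tree, copies it to a backup location, runs the step (against a scratch copy when `dry_run` is true, so the live tree is untouched), and reports exactly which files were added, removed or modified. The prune step used in the demo is a constructed stand-in that deletes files not modified within a given number of days; the real `cortex_maintenance` semantics are not described on this page.

```python
import hashlib
import os
import shutil
import tempfile
import time
from pathlib import Path
from typing import Callable

# Added example, not MemClaw/OpenClaw code. Assumes memory is a directory tree;
# the prune step below is a constructed stand-in, not the plugin's own logic.


def snapshot(root: Path) -> dict[str, str]:
    """Relative path -> SHA-256 for every file under root."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def backup(root: Path, backup_dir: Path) -> Path:
    """Full copy of the memory tree (copytree keeps timestamps) into a fresh directory."""
    dest = Path(tempfile.mkdtemp(prefix="memory-backup-", dir=backup_dir))
    shutil.copytree(root, dest, dirs_exist_ok=True)
    return dest


def diff_manifests(before: dict[str, str], after: dict[str, str]) -> dict:
    """Change set between two snapshots."""
    return {
        "removed": sorted(set(before) - set(after)),
        "added": sorted(set(after) - set(before)),
        "modified": sorted(k for k in before.keys() & after.keys() if before[k] != after[k]),
    }


def run_guarded(root: Path, backup_dir: Path, step: Callable[[Path], None], dry_run: bool) -> dict:
    """Back up, run the step, and report what changed.
    With dry_run=True the step runs on a scratch copy and the live tree is untouched."""
    before = snapshot(root)
    saved = backup(root, backup_dir)
    target = root
    if dry_run:
        target = Path(tempfile.mkdtemp(prefix="memory-dryrun-"))
        shutil.copytree(root, target, dirs_exist_ok=True)
    step(target)
    return {"backup": saved, "dry_run": dry_run, **diff_manifests(before, snapshot(target))}


def prune_older_than(days: int) -> Callable[[Path], None]:
    """Constructed prune step: delete files whose mtime is older than `days` days."""
    cutoff = time.time() - days * 86400

    def step(root: Path) -> None:
        for p in list(root.rglob("*")):
            if p.is_file() and p.stat().st_mtime < cutoff:
                p.unlink()

    return step


def demo() -> dict:
    """Preview a prune, confirm nothing moved, then run it for real with a backup."""
    root = Path(tempfile.mkdtemp(prefix="memory-"))
    backups = Path(tempfile.mkdtemp(prefix="backups-"))
    fresh = root / "user" / "alice" / "personal_info" / "timezone.md"
    stale = root / "session" / "old-project" / "timeline.md"
    for path, text in ((fresh, "Prefers UTC\n"), (stale, "2023 session notes\n")):
        path.parent.mkdir(parents=True)
        path.write_text(text, encoding="utf-8")
    old = time.time() - 400 * 86400
    os.utime(stale, (old, old))  # make one entry look a year old

    preview = run_guarded(root, backups, prune_older_than(365), dry_run=True)
    stale_after_preview = stale.exists()
    real = run_guarded(root, backups, prune_older_than(365), dry_run=False)
    return {
        "preview_removed": preview["removed"],
        "stale_after_preview": stale_after_preview,
        "real_removed": real["removed"],
        "stale_after_real": stale.exists(),
        "backup_has_stale": (real["backup"] / "session" / "old-project" / "timeline.md").exists(),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The manifest diff is the part worth keeping after a real run: store it next to the backup so a later "why is this memory gone?" question can be answered from the record rather than from guesswork.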
