Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenClaw Memory Kit
v0.2.1
Scaffold, sanitize, or share an OpenClaw multi-agent memory system with a reusable workspace, memory-lancedb-pro configuration, role prompts, task-board conv...
by sune @sora-mury
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated purpose (scaffold/sanitize/share an OpenClaw memory workspace) matches the included documentation and role prompts. However, it promises a generator script (scripts/bootstrap-openclaw-memory.ps1) and runtime behavior (write state-local npm packages) while the package contains only docs and no bootstrap script or installer code — an inconsistency between claimed capability and delivered artifacts.
Instruction Scope
SKILL.md tells the agent (or user) to run a PowerShell bootstrap script, create and overwrite files under a target root, and optionally install npm plugins. Those actions modify local filesystem state and fetch packages over the network. The core problem: the instructions reference a script file that is not present in the skill bundle, leaving ambiguity about where the executable logic lives and increasing the risk the user will execute an unvetted script obtained elsewhere.
Install Mechanism
There is no install spec (instruction-only), which is low-risk in principle. But the instructions expect npm package installs and a bootstrap script to run; because neither the script nor an install mechanism is included, the skill depends on the environment or external downloads the skill does not provide or document explicitly.
Credentials
The skill does not request environment variables, credentials, or config paths. The documentation explicitly warns not to copy secrets and to use placeholders, which aligns with the stated sanitization goal.
Persistence & Privilege
The skill is not force-included (always: false) and does not request elevated or persistent privileges. allow_implicit_invocation is enabled in agents/openai.yaml (normal for skills) but this is not by itself a red flag.
What to consider before installing
This package is documentation-heavy and claims to scaffold a sanitized OpenClaw memory workspace, but it does not include the referenced bootstrap PowerShell script or any installer. Before running anything that writes files or installs npm packages:
1) ask the publisher for the bootstrap script source or view its full contents so you can inspect it;
2) do not paste or copy your live .env or secrets — follow the sanitization checklist;
3) run any generator or npm installs in an isolated directory or container and back up your existing OpenClaw state;
4) verify npm package names and versions against the official registry (and prefer pinned versions you trust); and
5) if you want to let the agent run commands, require explicit confirmation for each filesystem or network action.
If the maintainer cannot provide the actual bootstrap script or an explicit install manifest, treat this skill as incomplete and avoid running ad-hoc scripts fetched from unverified sources.
Like a lobster shell, security has layers — review code before you run it.
