Skill v1.0.0
ClawScan security
memguard · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Apr 14, 2026, 10:08 AM)
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files, install steps, and runtime instructions are coherent with a local, regex-based memory/resource leak scanner; nothing in the bundle suggests deliberate misdirection or exfiltration, though there are a few small metadata/inventory inconsistencies worth noting before install.
- Guidance
- This skill appears to do what it says: a local, regex-based memory/resource leak scanner implemented in bash with optional paid features gated by a MEMGUARD_LICENSE_KEY. Before installing:
  - Confirm the MEMGUARD_LICENSE_KEY placement you intend to use (env var or ~/.openclaw/openclaw.json). The registry metadata omitted required env/config entries that the scripts actually read; verify the key is stored where you expect.
  - Installing hooks will modify your repository's lefthook.yml and call lefthook install; review the hook snippet (it sources the skill scripts from $HOME/.openclaw/skills/memguard by default) — ensure that directory contains the genuine memguard scripts and is from a trusted source, since the pre-commit hook will source and run them on every commit.
  - The installer uses brew to install lefthook, which is standard; no remote code downloads are embedded in the skill files themselves.
  - If you require absolute confidence in no external communication, inspect the skill scripts for any network-related commands (none were found) and validate that your environment tooling (bash, git, python/node/jq if present) behaves as expected.
  Overall: coherent and matching its stated purpose, with minor metadata mismatches and the usual cautions around installing project hooks and storing license keys.
Review Dimensions
- Purpose & Capability
- ok: Name/description match the provided scripts: bash-based pattern scanner, pre-commit hook integration via lefthook, report/CI/watch modes. Required binaries (git, bash) and the lefthook brew install are appropriate for the stated functionality.
- Instruction Scope
- note: Runtime instructions and scripts operate locally (discover files, run grep-based patterns, generate markdown). Hooks source the skill's scripts from a local skill directory (default $HOME/.openclaw/skills/memguard) and install lefthook into the repo; this modifies repo config (expected for hook installation). The analyzer reads ~/.openclaw/openclaw.json for optional config/license values — that config path is used at runtime but was not listed in the registry's 'required config paths' field (incoherence in metadata). No network calls or telemetry are present in the scripts.
- Install Mechanism
- ok: Install spec is a single brew formula (lefthook) to provide git-hook functionality — a low-risk, well-known package source. The skill itself is provided as included bash scripts (no remote download during install), and there are no downloads from untrusted URLs recorded.
- Credentials
- note: The skill declares MEGUARD_LICENSE_KEY as the primary credential (used only for pro/team features), which is appropriate. However, registry metadata listed 'Required env vars: none' while SKILL.md and scripts reference MEMGUARD_LICENSE_KEY and also read ~/.openclaw/openclaw.json (which may contain apiKey). This mismatch between declared required env/config and actual script behavior is an inconsistency to be aware of.
- Persistence & Privilege
- note: always:false and model invocation allowed (default). Hook installation alters project lefthook.yml and runs lefthook install in the repo (expected for a pre-commit scanner). The skill does not request system-wide persistent privileges beyond installing/using lefthook and writing to the repo config when hooks are installed.
