Back to skill
Skillv1.0.0
ClawScan security
Memory Distill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 20, 2026, 3:12 PM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill is an instruction-only 'memory distill' helper whose required actions (scanning conversation history, extracting summaries, and writing local memory files or scheduling cron/heartbeat triggers) match its stated purpose and request no unrelated credentials or installs.
- Guidance
- This skill appears coherent: it will read your conversation history and write summarized memory files and can schedule itself via Cron or HEARTBEAT. Before enabling it, review where memory files (MEMORY.md and memory/YYYY-MM-DD.md) will be stored, ensure they don't inadvertently contain secrets, set retentionDays and keep autoClean/autoReset disabled unless you want automated deletion/reset, and only add cron/heartbeat entries if you trust the agent to run these tasks. If you need stronger privacy, ask for automatic redaction/encryption or avoid persisting sensitive conversations.
Review Dimensions
- Purpose & Capability
- okThe name/description (distilling conversation memory into structured files, scheduling via Cron/HEARTBEAT) align with the instructions: scanning session history, extracting decisions/tasks/knowledge, writing MEMORY.md and memory/YYYY-MM-DD.md, and configuring cron or heartbeat triggers. No unrelated binaries, env vars, or external services are requested.
- Instruction Scope
- noteInstructions explicitly direct the agent to scan the current conversation history and write structured memory files and reports — this is coherent with the purpose. Note: the skill will read user conversation content (potentially sensitive) and persist summaries to workspace files; SKILL.md leaves sensitive-data handling largely to manual marking and does not provide automated redaction or encryption guidance.
- Install Mechanism
- okInstruction-only skill with no install spec or external downloads. Lowest-risk delivery method; nothing is written to disk by an installer beyond the agent following file-write instructions at runtime.
- Credentials
- okNo environment variables, credentials, or config paths are required. The requested scope (local file writes, cron/heartbeat integration) is proportionate to the described functionality.
- Persistence & Privilege
- okalways:false and normal agent invocation are used. The skill does not request permanent platform-wide privileges or modify other skills' configs. It suggests creating cron jobs and updating HEARTBEAT.md, which is expected for scheduled automation but should be done intentionally by the user.