Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Yaoyao Memory System (摇摇记忆系统)
v1.0.0: Supports multi-level memory management and tag-based classification, providing cross-session retrieval, persistent storage, periodic consolidation, and bidirectional sync with the IMA knowledge base.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious · Confidence: high
Purpose & Capability
The name and description match the included scripts (local memory management plus IMA sync). However, the registry metadata declares no required environment variables or credentials, while both SKILL.md and the scripts clearly expect an IMA client_id and api_key (via config.json or environment variables). That omission from the declared requirements is an inconsistency users should know about.
Instruction Scope
Runtime instructions and scripts read and write many workspace files (MEMORY.md, memory/*.md, .learnings/*, knowledge/*) and may upload their contents to the remote IMA service. SKILL.md states that IMA sync is '默认启用' (enabled by default), and the default config shows knowledge_sync.enabled: true, which means content could be sent externally if the user provides credentials or leaves the defaults in place. This is scope expansion beyond purely local memory management and presents a potential data-exfiltration vector if users keep sensitive data in the workspace.
Install Mechanism
No install spec (instruction-only plus scripts) and no downloads are present. The skill does not perform archive downloads or install arbitrary third-party packages at install time. It relies on simple Python scripts and existing tooling (urllib/requests are mentioned).
Credentials
The code expects IMA credentials (client_id / api_key) via config.json or environment variables (IMA_CLIENT_ID, IMA_API_KEY), but the registry metadata lists no required env var or primary credential. Requesting an API key for the external IMA service is reasonable for sync functionality, but the missing declaration is a red flag. The skill also accesses arbitrary workspace files, which could contain secrets; syncing them to an external service is disproportionate unless the user explicitly consents and configures which files to sync.
Persistence & Privilege
The skill is not marked always:true and does not modify other skills or system-wide settings. Autonomous invocation is allowed by default (platform default); combined with default-enabled sync this increases the blast radius, but by itself it is not an unusual privilege.
What to consider before installing
This skill implements local memory files plus an IMA sync script that will upload workspace documents to https://ima.qq.com/ using an IMA client_id and api_key. However, the registry metadata did not declare those required credentials. Before installing:
1) Treat the IMA sync as a potential data-exfiltration path; don't enable syncing if your workspace may contain sensitive data.
2) Inspect or create config.json and set knowledge_sync.enabled to false unless you intend to sync; verify the notes_mapping IDs.
3) If you will use sync, supply credentials only if you trust the IMA endpoint and understand which files will be uploaded.
4) Run the skill in a sandbox or with non-sensitive example files first.
5) Preferably ask the publisher for provenance (homepage, source repo) or request that the required env vars be declared in the registry metadata.
Version: latest (vk97309dw197xmepq0gvwq0sn4h845cfg)
