ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Graph Memory Zero

v1.0.2

Production playbook for OpenClaw graph-memory optimization with mem0-aligned recall governance. Use when users ask to (1) summarize current graph-memory stat...

0· 53·0 current·0 all-time
by@wangyangwjy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the instructions: the skill documents how to inspect, patch, restart, verify, and rollback plugins.entries.graph-memory.config. It does not request unrelated credentials, binaries, or config paths.
Instruction Scope
Instructions stay focused on graph-memory config lifecycle (schema lookup, gateway.config.get/patch, restart, gm_search verification). Operational guidance includes a potentially risky recommendation to 'skip blocking local test path' and proceed with a controlled patch if local tests fail — this is scope-consistent but operationally aggressive and should be used with caution in production.
Install Mechanism
No install spec or code is included (instruction-only), so nothing is written to disk or fetched during install; distribution guidance is benign and uses normal channels (registry, .skill zip, copy).
Credentials
No environment variables, credentials, or unrelated config paths are required. The files contain example runtime values (example LLM/embedding baseURL and models) as baseline metadata, which is explanatory rather than a secret requirement.
Persistence & Privilege
Skill is not always-enabled, does not request permanent presence, and its actions are limited to reading/patching the graph-memory plugin configuration and verifying behavior. It does not instruct modification of other skills' configurations.
Assessment
This appears to be a coherent, instruction-only playbook for safely tuning a graph-memory plugin. Before using it, ensure you (or the agent) have the proper operational permissions to read/patch gateway.config and restart the gateway; take and store the config snapshot it asks for so rollbacks are possible; be cautious about the guidance to skip local tests — only use that in controlled canary/gradual rollouts with strong observability; and review any runtime baseURL/model entries in the baseline file to ensure they point to trusted endpoints in your environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fhwsvb8jdnp10w1svb13bn183q24z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments