Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Compact Guard

v1.0.5

Smart context compaction for OpenClaw agents. 4-phase progressive strategy: Scan, Extract, Check, Compact. Before running /compact, this skill scans tool out...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
Name and description (pre-compact scanning, extraction, checklist, then optional compression) align with the instructions: scanning tool outputs, extracting important facts, producing a checklist, and optionally running /compact. The requested capabilities (reading tool outputs, writing memory files) are coherent with the stated purpose.
Instruction Scope
The SKILL.md explicitly requires reviewing "all tool invocation results" and extracting items such as addresses, configuration values, file paths, and error details. It then unconditionally instructs appending those extractions to memory/YYYY-MM-DD.md via an 'edit' append operation. The document does not require or document getting user consent before writing the memory file (only before executing /compact). Persisting potentially sensitive data without an explicit, contextual user confirmation is a scope/privacy concern.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written to disk by an installer step beyond the agent's normal 'edit' memory API usage as described in the instructions.
Credentials
The skill requests no environment variables or external credentials (good), but it instructs persistent storage of sensitive categories (addresses, config values, file paths, error solutions). That persistence is disproportionate without safeguards: the SKILL.md does not require redaction, filtering of secrets, or an explicit opt-in before writing those items to persistent memory.
Persistence & Privilege
always:false (normal) and model invocation is allowed (default). Because the skill describes triggers (e.g., heartbeat suggesting when context near 80%) and autonomous invocation is permitted by platform default, the agent could autonomously run the skill and append extracted items to persistent memory files. Combined with the instruction to write sensitive info without an explicit consent step, this raises a persistence/privilege concern.
What to consider before installing
This skill appears to do what it says (scan, extract, checklist, then compress), but it will examine all tool outputs and append extracted facts (addresses, configs, file paths, errors, etc.) into persistent memory files without an explicit user confirmation for that write. Before installing or enabling it, consider:
1) Where are memory/YYYY-MM-DD.md files stored and who can read them? Are they encrypted or access-controlled?
2) Do you want tool outputs and configuration values to be added to long-term memory automatically?
3) Ask the author (or test) whether the skill redacts secrets or asks for per-item confirmation before writing.
4) If you are worried about autonomous runs, disable autonomous invocation for this skill (if your platform allows) or require explicit user triggers.
5) Test in a non-sensitive workspace first to observe exactly what gets written.
If you cannot confirm safe storage and redaction, treat this skill as a privacy risk.
