Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Compact Test A
v1.0.0
Smart context compaction for OpenClaw agents. 4-phase progressive strategy: Scan, Extract, Check, Compact. Before running /compact, this skill scans tool out...
by @wavmson
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (Smart Compact) align with the instructions: it scans tool outputs, extracts important facts, writes them into memory/YYYY-MM-DD.md, and generates a checklist before running /compact. No unrelated binaries, env vars, or install steps are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to review all tool outputs (exec, read, web_fetch, web_search) and extract items such as IPs, endpoints, file paths, and even 'authentication information' (albeit claiming it will be redacted). This gives the agent broad discretion to persist potentially sensitive data from tool outputs to disk. There is no concrete, auditable redaction algorithm or enforcement mechanism in the instructions — it's a policy statement the agent is asked to follow, not a code-level guarantee.
Install Mechanism
This is an instruction-only skill in the registry (no install spec). README offers cloning or curl-from-GitHub as optional installation methods; those are common but carry the usual risk of pulling remote content. Nothing in the registry forces an arbitrary binary download or execution.
Credentials
The skill declares no required env vars or credentials, which is consistent. However, its operation depends on reading tool outputs and writing memory files; if those outputs include credentials or tokens, they may be persisted. The skill does not request unrelated external credentials, but it effectively needs access to agent tool outputs and file write permission (memory directory) — reasonable for the stated purpose but potentially sensitive.
Persistence & Privilege
The skill does not request always:true and does not change other skills. It explicitly writes persistent memory files (memory/YYYY-MM-DD.md) which is expected for its purpose. Persisting arbitrary extracted content (including secrets if they appear in outputs) is the main persistence-related risk and relies on policy-level redaction rather than enforced safeguards.
What to consider before installing
- Understand what the 'memory/YYYY-MM-DD.md' path refers to on your system and who can read it; inspect and set file permissions after installation.
- The skill will scan tool outputs (exec/read/web_fetch/web_search). Those outputs can contain secrets (API keys, tokens, private file paths). Ask: do you want agent-written files to potentially include such data?
- The SKILL.md promises redaction of sensitive info but provides no technical guarantee. If you rely on this, test with non-sensitive examples and review the produced memory files to verify redaction behavior.
- If you install from GitHub/raw URLs, review the repository contents (README and SKILL.md are visible here) and prefer a vetted source; consider cloning from a trusted repo or verifying commit hashes.
- If you want to reduce risk: restrict the agent's tools so it cannot read sensitive files or environment variables, require explicit user confirmation for each memory write, or run Smart Compact in a sandbox or with logs reviewed manually.
- Periodically audit memory files and consider an automatic cleanup or encryption policy for stored memories that may contain sensitive items.
latest vk97e9e08x8bz26s3dqaszskr9n841p1e
