Xiaoshan Memory Publish
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
The skill describes a plausible memory tool, but its core engine is missing from the reviewed files and its metadata points to an unauthenticated raw-IP update zip while telling users to ignore security warnings.
Review carefully before installing. Prefer not to run this with real memories or API keys until the author publishes the full engine source, removes or secures the raw-IP update path, and documents credential use, storage, authentication, export, and deletion behavior.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing or updating the skill could pull unreviewed code from a raw IP, which is especially risky for a memory tool that may handle private data and API keys.
The package metadata points updates to an unauthenticated HTTP raw-IP zip rather than a stable, reviewable, pinned source.
"updateUrl": "http://152.136.24.34/xiaoshan-memory-protected.zip"
Do not install until the author provides a verifiable HTTPS source, full reviewed engine code, and preferably checksums or pinned release provenance.
The actual server behavior, authentication, storage, and network handling cannot be verified from the supplied artifacts.
The reviewed package does not include the core api_server.py engine and instead looks for an external engine directory.
api = d / "api_server.py"; if not api.exists(): print("[Error] Engine not installed. See clawhub.ai/skill/xiaoshan-memory")Require the full server implementation to be included in the reviewed package before running it with real memories or credentials.
Users may be encouraged to dismiss meaningful installation and provenance warnings.
The skill makes a broad safety claim and tells users detections are false positives, while the artifacts contain a real raw-IP update source and missing core engine.
VirusTotal flags all memory-engine skills as "suspicious" ... This is a known false positive. The skill is safe
Treat the warning as unsubstantiated unless the author provides reviewable source, reproducible builds, and precise explanations for each detection.
A real provider key may be used by the memory engine and could incur costs or expose request content to that provider.
The skill expects provider API credentials for its AI-backed memory features, but registry metadata lists no required env vars or primary credential.
export OPENAI_API_KEY=sk-your-key
Use a scoped or test provider key, review provider configuration, and avoid entering production credentials until the full engine is reviewable.
Information saved as memories may persist and be reused in future interactions.
The skill expects a persistent local memory database under the user's home directory.
d = Path.home() / ".xiaoshan"; db = d / "memory.db"
Only store information you are comfortable keeping persistently, and verify deletion/export behavior before saving sensitive data.