Cortex
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: cortex-ai Version: 1.0.0 The provided files consist of metadata and documentation for 'Cortex,' a persistent memory system for AI agents. There is no executable code, scripts, or instructions that suggest malicious intent, data exfiltration, or prompt injection. The documentation in SKILL.md describes legitimate features such as knowledge graphs and git-tracked storage, and the content is consistent with its stated purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private conversation details, preferences, decisions, or accidental secrets could be stored and reused in future agent sessions, and git tracking may make removal harder if history is retained.
The skill explicitly describes automatically extracting conversation content into persistent memory across sessions, but the artifacts do not define user consent, scope, retention, redaction, or deletion controls.
Persistent memory for AI agents... File-based, git-tracked... Observer — Automatic memory extraction from conversations.
Use only if you want persistent agent memory; require explicit write approval, scoped storage paths, sensitive-data exclusions, memory review and deletion controls, and clear retention behavior before relying on it.
The reviewed artifact does not show the actual memory implementation, so users cannot verify from this package alone how data is stored or protected.
The supplied package is instruction-only with no install spec or code files, while the skill points to an external repository; the linked implementation was not part of the reviewed artifacts.
GitHub: [sigmalabs-ai/cortex](https://github.com/sigmalabs-ai/cortex)
Verify the linked repository, version, code, and storage behavior separately before installing or connecting it to sensitive conversations or documents.