Skillv1.0.0

ClawScan security

Double-Check-It Skill (再想想技能1.0) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 15, 2026, 1:18 AM

Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files and runtime instructions are coherent with a local long‑term memory feature: it only reads/writes files inside a workspace directory and contains no network exfiltration, external installs, or unrelated credential requests.
Guidance: This skill does what it says: it persistently records conversation summaries, performs pre‑delivery checks, and writes experience notes to files in the agent workspace. Before installing, consider: (1) Privacy — every recorded interaction will be stored long‑term (including sensitive info like credentials or financial data you might discuss); (2) Storage location — the script writes to /home/minimax/.openclaw/workspace/memory (hardcoded); change this path if you want a different location or permissions; (3) Access controls — ensure the workspace and backups are properly protected/encrypted and rotated or purged per your retention policy; (4) Autonomy — the agent can be configured to call these commands automatically, so decide whether you want automatic recording/auto checks or prefer manual triggers; (5) Audit the script if you plan to store highly sensitive data (it has simple file I/O and grep usage only). If any of these are unacceptable, do not install or modify the script to restrict what is recorded and where.

Review Dimensions

Purpose & Capability: okName/description (long‑term memory, double‑check, reflection) align with the provided script and SKILL.md: the skill persists conversation summaries, runs checks, and performs periodic reflections. Required binaries/env/credentials are none, which is appropriate for a local file‑based memory system.
Instruction Scope: noteSKILL.md instructs the agent to record after interactions, run pre‑delivery checks, and periodically reflect; the included scripts implement those behaviors by reading/writing files under a workspace memory directory. This stays within the skill's stated scope, but it is broad in data collection: it records conversation content persistently and will search those files when checking/reflecting, which has privacy implications.
Install Mechanism: okNo install spec or external downloads. The skill is instruction‑only with an included shell script; nothing is fetched from the network or written to arbitrary system paths during install.
Credentials: okThe skill requests no environment variables or credentials. The script uses filesystem access only (a hardcoded workspace path). There are no secrets requested or network endpoints involved.
Persistence & Privilege: notealways:false (normal). The script persistently stores memory under /home/minimax/.openclaw/workspace/memory, so it gains durable presence in the agent workspace. It does not modify other skills or system settings, but persistent storage of all interactions increases exposure of sensitive data if the workspace is accessible to others.