Back to skill
Skillv1.0.0
ClawScan security
Memory Deduplication · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 1, 2026, 12:45 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions align with its stated purpose (deduplicating and merging MEMORY.md); it reads and rewrites MEMORY.md, makes backups, and contains no network or unexpected credential access.
- Guidance
- This skill appears coherent with its purpose and contains no network or secret-exfiltration behavior. Before installing/running: (1) run node dedup.mjs --dry-run to preview changes; (2) verify the workspace target (set OPENCLAW_WORKSPACE explicitly if needed) so it edits the intended MEMORY.md; (3) review the backup folder after a real run and confirm diffs; (4) consider running first in an isolated agent/session or on a copy of your repository. If you want stricter guarantees, inspect the script locally (dedup.mjs is small and readable) or run it inside a sandboxed environment.
Review Dimensions
- Purpose & Capability
- okThe name/description (Memory Deduplication) match the contained script and SKILL.md: the tool parses MEMORY.md, finds similar sections, merges/removes them, and writes results. No unrelated binaries, credentials, or external services are requested.
- Instruction Scope
- noteSKILL.md instructs running the provided Node script and optionally scheduling a cron job. The runtime instructions and script operate only on MEMORY.md in the workspace and create backups; they do not read network endpoints or other system credentials. Note: the script overwrites MEMORY.md (with backups by default) — use --dry-run to preview changes and review diffs before accepting.
- Install Mechanism
- okNo install spec or external downloads; this is an instruction-only/embedded script. The package files are local and there are no archives or remote install URLs, so install-side risk is low.
- Credentials
- noteThe registry metadata declares no required env vars, which is consistent. The code does read an optional OPENCLAW_WORKSPACE environment variable to determine the workspace path; this env var is not declared in requires.env (it's optional). This is not malicious but worth noting because setting OPENCLAW_WORKSPACE changes which MEMORY.md is edited.
- Persistence & Privilege
- okThe skill is not always-enabled and does not request elevated platform privileges. It writes to files within the workspace (MEMORY.md and a memory/ backup folder) which is expected for its purpose. It does not modify other skills or global agent configuration.