ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

RMN Visualizer

v1.1.2

Visualize your AI Agent's 5-layer recursive memory network from local files with an interactive D3.js force-directed graph in a Node.js server.

0· 553·1 current·1 all-time
byceelo@weidadong2359
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name, description, and code align: the skill parses MEMORY.md, memory/*.md, .issues/* and serves a D3 force-directed visualization. The parser heuristics, layers, and UI behavior are consistent with the stated purpose.
!
Instruction Scope
SKILL.md and launch.js explicitly instruct the agent to start a Cloudflare tunnel and to return the tunnel URL to the chat. That workflow exposes all parsed local memory files to the public URL created by cloudflared. The instructions also default to scanning the OpenClaw workspace (and allow RMN_WORKSPACE override), which means potentially sensitive agent 'memory' and 'SOUL.md' are read and served. The behavior is consistent with the feature, but it is high-risk for sensitive data and the instructions give the agent authority to publish the URL to the conversation.
Install Mechanism
There is no install spec (instruction-only plus two JS scripts), so nothing is written by an installer. The only external runtime dependency is cloudflared (the code checks for it and requires it for the tunneling path). Using cloudflared is reasonable for exposing a local server, but relying on a locally installed tunnel binary gives the skill the ability to expose files publicly if run.
Credentials
The skill declares no required env vars, but the code honors RMN_WORKSPACE, RMN_PORT, and OPENCLAW_WORKSPACE to locate files. Those overrides are reasonable for a file-scanning visualizer, but they also let the skill be pointed at arbitrary directories. No API keys or unrelated credentials are requested.
Persistence & Privilege
always is false, the skill does not modify other skills or system configuration, and it does not persist credentials. It spawns processes (node + cloudflared) but does not attempt to install background services or enable itself permanently.
What to consider before installing
This skill will read markdown files from your OpenClaw workspace (MEMORY.md, memory/*.md, .issues/*, SOUL.md) and can start a Cloudflare tunnel that publishes a public URL serving those parsed files. Before running or letting an agent auto-run the 'launch' flow: 1) Inspect the workspace files to ensure no secrets or private data are present; 2) Prefer running node scripts/serve.js locally and opening http://localhost:3459 rather than using the tunnel; 3) If you must use the tunnel, run it yourself manually and do not instruct the agent to automatically post the URL to chat; 4) Consider copying a sanitized subset of memory files into a temporary test workspace to preview behavior; 5) If you do not trust automatic sharing, do not grant the agent permission to invoke this skill autonomously.

Like a lobster shell, security has layers — review code before you run it.

latestvk97asmdjh2hkpszeb75y1r1t8181q6we

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments