Skill v0.1.5

ClawScan security

Memory Enhancer Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 1:48 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and instructions are consistent with a local memory-management / token-optimization tool: it reads/writes files under the OpenClaw workspace, can delete/compact old memory files, and does not perform network access or request external credentials.
Guidance
This skill appears to do what it says and runs entirely on local files. Before enabling scheduled or automatic deletion behavior:

1) Back up ~/.openclaw/workspace (especially memory/ and MEMORY.md).
2) Review the scripts (cleanup.py and token-optimizer.py) because they will delete or compress old memory files and also read other workspace files (USER.md, SOUL.md, AGENTS.md) which may contain sensitive data.
3) Test with dry-run/--analyze first (the docs recommend this).
4) Note the included config file (config/token-optimizer-schedule.json) sets enabled=true by default in the package — if you want explicit control, set enabled=false until you add cron entries or explicitly enable scheduling.
5) Do not expect any network or secret exfiltration from these scripts as provided, but only install/run if you are comfortable with local read/write/delete operations on your OpenClaw workspace.

Review Dimensions

Purpose & Capability
ok: The name/description (semantic search, summarization, classification, token optimizer, scheduled tasks) align with the included scripts. The scripts operate on ~/.openclaw/workspace files and provide token analysis, compression and cleanup, which are reasonable for the stated purpose.
Instruction Scope
note: Runtime docs and SKILL.md accurately describe most behaviors (reads MEMORY.md/SESSION-STATE.md, writes config/logs, may delete old memory). One minor mismatch: token-optimizer.py inspects additional workspace files (USER.md, SOUL.md, AGENTS.md) not explicitly listed in SKILL.md's 'read' list. These are still within the workspace domain but may contain sensitive data; the README does warn about file write/delete and recommends backups.
Install Mechanism
ok: No install spec / network downloads; all scripts are bundled. Installation instructions are limited to making scripts executable. This is the lowest-risk installation pattern.
Credentials
ok: The skill requests no environment variables or external credentials. It only accesses local workspace files and writes config and logs under its skill folder; the requested access is proportionate to its functionality.
Persistence & Privilege
ok: always:false (not force-included). The skill can create config/log files under its own skill directory and operate cron tasks if the user enables them. It does not modify other skills or system-wide settings beyond user-managed crontab instructions. Note: the bundled config file in the package has 'enabled': true, which could cause scheduled-optimizer to consider scheduling enabled unless the user inspects/changes it.