v1.0.0

Memory Manager

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 7:59 AM.

Analysis

This skill matches its memory-management purpose, but it can automatically move and delete OpenClaw memory/conversation files and its safety promises are not fully reflected in the code.

Guidance: Review and configure retention limits before installing. Only use it if you are comfortable with it managing OpenClaw memory files, and prefer a version that requires confirmation and creates backups before deleting conversations or compressing long-term memory.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium; Confidence: High; Status: Concern
index.js
const toDelete = sorted.slice(0, sorted.length - CONFIG.maxConversations); ... fs.unlinkSync(filePath);

The cleanup path deletes conversation files beyond the configured limit directly from the OpenClaw memory directory, with no prompt or backup in the code path.

User impact: If invoked automatically or unintentionally, the skill can permanently remove older conversation records and alter local memory state.
Recommendation: Add a dry-run mode, explicit user confirmation, backups for conversation deletion, and configurable retention/path settings before destructive cleanup.

Human-Agent Trust Exploitation
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
- ✅ Automatic backup before merging; - ✅ Confirm importance before deletion; - ✅ Error recovery mechanism

The documentation promises backups, deletion confirmation, and recovery, but the included code deletes old conversation files directly and does not implement a confirmation or recovery flow for that deletion.

User impact: A user may trust that destructive memory cleanup is safer or more reversible than the code actually shows.
Recommendation: Either implement the promised safeguards consistently or change the documentation to accurately describe when files can be deleted without confirmation.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Medium; Confidence: High; Status: Concern
SKILL.md
Long-term memory (stored permanently) ... Raw memory → extract keywords → generate summary → save core information → delete redundancy

The skill is explicitly designed to persist, summarize, compress, and delete memory content, which can shape future agent context and reduce reversibility.

User impact: Incorrect, sensitive, or poisoned memories could be retained permanently or summarized into future context, while original details may be removed.
Recommendation: Require user review for memory merges/compression, provide exclusions for sensitive content, keep recoverable backups, and make retention/reuse policies explicit.