Lobster Memory System

Advisory

Audited by VirusTotal on Apr 21, 2026.

Overview

Type: OpenClaw Skill
Name: lobster-memory-system
Version: 1.0.0

The skill bundle implements a memory management system that requires high-privilege operations, including bypassing PowerShell execution policies and creating persistence via Windows Task Scheduler (setup-auto-backup.ps1). While these actions are documented for the purpose of 'auto-backup,' the use of system-level task scheduling and permission modifications (icacls) in INSTALL.md and SKILL.md represents a significant security risk. The instructions also direct the AI agent to autonomously manage its own 'identity' and 'soul' files, which could be exploited to alter agent behavior or maintain unauthorized persistence on the host system.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the user obtains and runs the referenced scripts from elsewhere, those scripts could do more than the reviewed skill documents show.

Why it was flagged

The documentation relies on helper scripts, but those scripts are not included in the reviewed artifacts, leaving their provenance and behavior outside this review.

Skill content

No code files present — this is an instruction-only skill. File manifest: INSTALL.md, SKILL.md, skill.yaml, _meta.json

Recommendation

Only run the referenced scripts after checking their source and contents, preferably from a trusted repository or signed release.

What this means

Running unreviewed setup scripts could modify local files or system settings beyond what the documentation describes.

Why it was flagged

The install guide asks the user to run PowerShell scripts with ExecutionPolicy bypass. This is a common setup pattern but should be reviewed because the scripts are not supplied here.

Skill content

powershell -ExecutionPolicy Bypass -File scripts/init.ps1

Recommendation

Inspect the PowerShell scripts before running them, and avoid using ExecutionPolicy bypass unless you trust the script source.

What this means

Stored memory may contain private information and can shape future agent responses if inaccurate, stale, or poisoned.

Why it was flagged

The skill is designed to persist and reload memory into future sessions, including identity, preferences, people, projects, and daily short-term memory.

Skill content

First session → load all memory ... Other sessions: load only CORE/identity.json ... preferences.json ... the current day's short-term memory

Recommendation

Regularly review memory files, avoid storing secrets, and keep clear rules for what may be written into long-term memory.

What this means

After setup, the backup process may continue running on a schedule and retain copies of memory data.

Why it was flagged

The skill documents scheduled persistence through Windows Task Scheduler for automatic daily backups.

Skill content

Automatic backup daily at 18:00, with support for Windows Task Scheduler

Recommendation

Enable scheduled backups only if desired, verify the scheduled task, and periodically review or clean old backup snapshots.