Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Conversation Saver

v0.1.1

Automatically extract key facts from conversation history and persist to local memory files. Silent background operation with rule+LLM hybrid extraction.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description (extract facts and persist locally) match the code and SKILL.md. The scripts scan local conversation logs and append extracted facts to memory files (WARM_MEMORY.md, MEMORY.md, USER.md, TOOLS.md). The hardcoded workspace paths and user_id are consistent with a single-user, local-first memory saver.
Instruction Scope
Runtime instructions and extract.py explicitly read message log files from /home/admin/.openclaw/workspace/memory and write to workspace memory files. This is coherent with the stated silent/background operation, but it means the skill will collect and persist potentially sensitive conversation content without interactive prompts. Also note small inconsistencies: SKILL.md and README reference a classifier.py and an AGENTS.md target, but the manifest includes no classifier.py file and the persister does not implement writing to an 'agents_md' target (classification can generate 'agents_md' but persist_facts ignores it).
Install Mechanism
No install spec or external downloads — the skill is instruction + local Python scripts only. No network fetch or archive extraction was found in the package, lowering install risk.
Credentials
The skill requests no environment variables or external credentials. It does access specific filesystem paths under /home/admin/.openclaw/workspace which is appropriate for a local memory manager; however these paths are hardcoded and not declared in the manifest as required config paths (not a security flaw, but worth noting so users verify the correct workspace location and permissions).
Persistence & Privilege
The skill is not forced-always and does not modify other skills' configurations. It writes only to local memory files within the workspace and does not attempt to self-enable or change global agent policies. Autonomous invocation (model invocation enabled) is normal for skills and is not by itself a concern here.
Assessment
This skill appears to do what it claims: quietly scan your local conversation logs and append extracted facts to memory files. Before installing: (1) review the hardcoded paths (/home/admin/.openclaw/workspace/...) and ensure they match your environment and that you are comfortable granting the skill read/write access to those files; (2) run the included dry-run option (uv run scripts/extract.py --today --dry-run) to see what would be extracted; (3) inspect the persister targets (WARM_MEMORY.md, MEMORY.md, USER.md, TOOLS.md) to confirm you want those files modified automatically; (4) note that LLM extraction is mocked in this release — if you plan to enable real model calls, ensure you understand which model/credentials will be used; (5) be aware this operates silently in background mode—if privacy is a concern, keep auto_on_session_end disabled and use manual runs. Finally, consider the minor inconsistencies (missing classifier.py in manifest, classification may reference agents_md but persister doesn't write it, and _meta.json version mismatch) and verify the repository/version you install is the intended one.

Like a lobster shell, security has layers — review code before you run it.
