Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Memos Cloud Server
v1.0.1Your external brain and memory. ALWAYS invoke this tool to search memory whenever you are unsure about the user's intent, past context, or if you don't know...
⭐ 1· 957·7 current·7 all-time
byDawn@xiaohuisu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description, required envs (MEMOS_API_KEY, MEMOS_USER_ID), and the provided CLI operations (search, add_message, delete, add_feedback) are consistent with a memory cloud client.
Instruction Scope
SKILL.md instructs the agent to always invoke this tool when unsure (a strong behavioral directive but within the declared purpose). It also tells the agent to prompt the user to add secrets to their global shell config (~/.zshrc, ~/.bashrc) if they're missing — this is privacy-sensitive (asking the user to store a secret globally) and should be handled cautiously.
Install Mechanism
No install spec (instruction-only) which minimizes disk writes, but the included Python script imports the third-party 'requests' package while only 'python3' is declared as a required binary. The skill does not document installing 'requests' or other Python dependencies — this mismatch will break the script or cause ad-hoc installs at runtime.
Credentials
The required envs (API key and user id) are appropriate for a cloud memory client. However: (1) the script also reads MEMOS_CLOUD_URL (an undocumented optional env) and defaults to https://memos.memtensor.cn/api/openmem/v1 — that outbound endpoint is not documented in SKILL.md or metadata; (2) SKILL.md encourages storing credentials in global shell files, which increases blast radius if the env is persisted insecurely.
Persistence & Privilege
The skill is not marked 'always' and does not request system-level persistence. It doesn't attempt to modify other skills or system settings. Autonomous invocation is allowed (default), which combined with the 'ALWAYS invoke' guidance in SKILL.md can lead to frequent external calls — consider policy around when the agent should call the skill.
What to consider before installing
This skill appears to implement a MemOS cloud client and mostly behaves as expected, but review the following before installing:
- Confirm you trust the default endpoint (https://memos.memtensor.cn/api/openmem/v1). The repository/homepage is unknown; verify the vendor and endpoint are legitimate for your use.
- The Python script uses the 'requests' package but the skill does not declare or install it. Ensure your environment has requests installed or the skill will fail; prefer an explicit, reviewed install step.
- The script supports MEMOS_CLOUD_URL via environment but that env is undocumented in SKILL.md and metadata. If you need to override the endpoint, set this variable explicitly; otherwise verify the default endpoint.
- Be cautious about storing API keys in global shell profiles (~/.zshrc, ~/.bashrc). Prefer storing secrets in a secure secret store or environment scoped to the agent process rather than global persistent files.
- Decide whether you want the agent to call this skill automatically every time it’s unsure: SKILL.md tells the agent to ALWAYS use the tool, which could lead to many outbound requests and potential exposure of conversation content to the external service. If you have privacy concerns, restrict autonomous use or require explicit user approval per call.
If you want me to proceed, I can list concrete questions to ask the skill author (e.g., vendor origin, credential scopes, dependency list) or suggest a safe installation checklist.Like a lobster shell, security has layers — review code before you run it.
latestvk9756rbefm4p6dzac4ppernfpx82rkcf
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
☁️ Clawdis
OSmacOS · Linux · Windows
Binspython3
EnvMEMOS_API_KEY, MEMOS_USER_ID