Back to skill
Skillv1.0.0
VirusTotal security
Memory Auto Archive · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 6:00 AM
- Hash
- 3fd705e2517e012e57af3f28eb207bcd693d9712494e8f4f04ada3e323e89f77
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: memory-auto Version: 1.0.0 The skill bundle is classified as suspicious due to high-risk data handling and execution patterns. Specifically, 'index.js' contains a hardcoded developer path ('C:\Users\42517\...') and attempts to execute external PowerShell scripts ('archive.ps1', 'refine.ps1') with a 'Bypass' execution policy, but these scripts are missing from the bundle. Additionally, the default configuration in 'src/defaults.ts' and 'standalone-archive.js' explicitly targets and extracts sensitive strings like 'password', 'token', 'key', and 'secret' from chat transcripts into plaintext markdown files. While this behavior is consistent with the stated 'memory archiving' purpose, the centralization of secrets without encryption and the reliance on missing external scripts are significant red flags.
- External report
- View on VirusTotal