Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

MemClawz Connect

v1.1.0

Connect any AI agent to the MemClawz shared memory bus. Gives agents read-before-act and write-after-complete patterns via a simple HTTP API. Use when an age...

by Yoni (@yoniassia)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
! Purpose & Capability
The skill's stated purpose (connect an agent to a MemClawz HTTP memory bus) matches the instructions (curl-based read/write/search), but metadata lists no required environment variables while the runtime instructions clearly require MEMCLAWZ_URL and MEMCLAWZ_AGENT_ID (and optionally MEMCLAWZ_API_KEY). The omission of these expected requirements and the lack of a homepage/origin (source: unknown) are inconsistent and reduce trust.
! Instruction Scope
SKILL.md instructs the agent to run curl against whatever MEMCLAWZ_URL is set to (localhost or any remote host) and to write arbitrary 'content' after tasks. That behavior is expected for a memory connector, but it also allows sending agent context and results to any remote endpoint the operator configures (the doc even shows a public IP example). The instructions do not restrict what data to include, do not require authentication by default, and do not warn about sensitive data — increasing the risk of accidental or malicious exfiltration.
Install Mechanism
There is no install spec and no code files (instruction-only). This minimizes local attack surface because nothing is downloaded or written by the skill itself.
! Credentials
Declared requirements list no environment variables or credentials, but the runtime docs require MEMCLAWZ_URL and MEMCLAWZ_AGENT_ID and mention MEMCLAWZ_API_KEY if auth is enabled. This mismatch is problematic: required secrets/vars are not declared in metadata, and a skill that can send data to an arbitrary URL should explicitly declare and justify any credentials it needs.
Persistence & Privilege
The skill is not always-enabled and uses the default model-invocation policy (agent may invoke it autonomously). Autonomous invocation plus the ability to send arbitrary data to a remote MemClawz server increases blast radius if the server is untrusted — but autonomous invocation alone is expected and not a standalone red flag.
What to consider before installing
This skill probably does what it claims, but there are missing declarations and provenance issues you should address before installing. Specifically:
(1) Verify you trust and control the MemClawz server you point MEMCLAWZ_URL at — do not set it to an unknown public IP.
(2) Treat MEMCLAWZ_URL, MEMCLAWZ_AGENT_ID, and MEMCLAWZ_API_KEY as required configuration and only provide them if you understand where data will be stored.
(3) Ask the publisher for a homepage, source code, and a clear security model (auth, data retention, encryption).
(4) If you plan to use this with agents that may handle secrets or PII, restrict the skill to agents you control or modify the AGENTS.md procedure to sanitize or exclude sensitive content before writing.
(5) Prefer a deployment where MEMCLAWZ_URL is localhost or an internal, access-controlled host, and require an API key on the server side.
If the vendor cannot justify the missing metadata and unknown origin, avoid enabling it for agents handling sensitive data.

Like a lobster shell, security has layers — review code before you run it.
