Skillv1.0.0

ClawScan security

Minimal Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignFeb 15, 2026, 3:17 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code and runtime instructions are consistent with its stated purpose (local memory management) and do not request unrelated credentials, network access, or special installs.
Guidance: This skill appears to do exactly what it says: manage local memory files. Before installing or running: (1) review and back up any existing $HOME/.openclaw/workspace and MEMORY.md to avoid accidental moves; (2) do not set MEMORY_DIR or WORKSPACE to sensitive system paths (e.g., /root, ~/.ssh, system config dirs) because the scripts will move or archive files based on those values; (3) archive.sh will move files older than 30 days (if they contain only NEUTRAL entries) into an archive subdirectory—run it manually first to confirm expected behavior; (4) there is no network or credential usage in the scripts, so network exfiltration is not evident, but you should still inspect any modifications you plan to make to the scripts or env vars. Overall the skill is internally coherent and low risk when used as intended.

Review Dimensions

Purpose & Capability: okName/description match the delivered artifacts: scripts and SKILL.md implement a local memory system (daily logs, MEMORY.md, search, archive, cleanup). No unrelated binaries, services, or credentials are required.
Instruction Scope: noteSKILL.md instructs use of the included scripts and explains workflow. The scripts only read/write files under a workspace/memory directory and the workspace root; they do not call external services. Note: SKILL.md examples reference the skill script path (~/.openclaw/skills/minimal-memory/scripts/...), while the scripts themselves operate on MEMORY_DIR/WORKSPACE (defaults to $HOME/.openclaw/workspace), which is a minor path mismatch but functionally coherent.
Install Mechanism: okNo install spec; this is effectively an instruction+script bundle. Nothing is downloaded at install time, and no archive extraction or external package installs are present.
Credentials: noteThe skill declares no required environment variables or credentials. The scripts do honor optional env vars (MEMORY_DIR and WORKSPACE) to override defaults; this is reasonable for configurability but means a user or another process could point the scripts at arbitrary directories—so avoid setting those env vars to sensitive system locations.
Persistence & Privilege: okalways:false and no attempts to modify other skills or global agent configuration. Script behavior is limited to the skill's own workspace area (by default) and does not request permanent system-wide presence or escalate privileges.