ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Skill From Memory

v0.1.2

Convert memory, conversation history, or completed tasks into publishable OpenClaw skills. Use when (1) A task or workflow should be reusable, (2) Extracting...

2· 2.7k·9 current·10 all-time
by@zfanmy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims to extract from conversation history/memory and create/publish skills; the included scripts do exactly that (extract, create skill files, optionally push to GitHub and ClawHub). Access to session and memory files, and to git/clawhub tooling, is coherent with the stated purpose.
!
Instruction Scope
Scripts directly read arbitrary session.jsonl and memory.md files (examples reference ~/.openclaw/agents/main/sessions/latest.jsonl). They extract conversation text and code blocks and copy them into generated skill packages. If the extracted content contains secrets or private data, the publish step will push that content to remote services. The instructions allow full automatic create-and-publish in one command, which increases the risk of unintentionally exposing sensitive data.
Install Mechanism
No install spec or remote downloads are present; the skill is instruction+scripts only. It requires common CLI tools (git, jq, clawhub) which are reasonable for the stated functionality.
Credentials
The skill declares no environment variables, which is consistent, but publishing requires GitHub credentials/SSH keys and ClawHub auth in practice. Those are not requested explicitly by the skill metadata — users must supply them externally. This is expected for publishing, but the scripts will capture and stage any extracted content (including any credentials present in conversations) and push them if a repo/slug is provided.
Persistence & Privilege
always:false and no system-wide persistence requested. The scripts may initialize a git repo and add a remote inside the created skill directory, but they do not modify other skills or agent system configuration.
What to consider before installing
This skill will read your local conversation history and memory files, extract text and code blocks, generate a skill package, and — if you pass GitHub/ClawHub targets — attempt to push that package to remote repositories. Before using: (1) Inspect the extracted output directory (extracted-*) and review code_blocks.txt / extraction-summary.md for any secrets or private data. (2) Run create steps without publish (omit --github/--clawhub or use --skip-github / --skip-clawhub) to verify contents. (3) If you must publish, push to a private repo first and double-check files; don't publish directly to public repos. (4) Ensure you understand that any API keys, tokens, or PII present in conversations could be included in the package and uploaded. (5) Consider grepping session/memory files for common secret patterns before extraction, and prefer manual review of generated SKILL.md and scripts prior to running publish.sh.

Like a lobster shell, security has layers — review code before you run it.

latestvk975vgykyf6z17dtb2frw92yyn81agz5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments