emotional-memo
v1.0.0A shared emotional memo for relationships — records emotional moments and gently reminds before old wounds are touched
⭐ 0· 92·0 current·0 all-time
by@zj-zc
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name and description describe recording and reminding about emotional moments; the SKILL.md only requires creating and reading a local data/memo.json and performing matching/translation workflows — these are coherent with the stated purpose.
Instruction Scope
All runtime instructions are focused on capturing, summarizing, matching, and translating emotional entries and explicitly use only the local data/memo.json. No network endpoints, unrelated system paths, or extra environment variables are referenced. However, the instructions store highly sensitive personal content to an unencrypted JSON file and provide no guidance on access control, encryption, consent management, retention, or deletion — a privacy gap that should be addressed before use.
Install Mechanism
Instruction-only skill with no install spec and no code files. Lowest-risk install posture — nothing is downloaded or written beyond the described local data file.
Credentials
The skill requests no environment variables, binaries, or external credentials. The declared requirements are minimal and proportional to the stated functionality.
Persistence & Privilege
always:false and normal invocation behaviour. The skill writes only its own data/memo.json and does not modify other skills or system configuration. No elevated persistence or privileges are requested.
Assessment
This skill appears to do what it says — record and remind about emotional moments — and it only writes to a local data/memo.json. Before installing, consider the following: 1) data sensitivity: entries will contain private emotional details; confirm where the agent stores workspace files and whether that location is backed up or synced to cloud services. 2) encrypt or protect data/memo.json (disk encryption, application-level encryption, or store secrets in a protected store) or require user opt-in before saving. 3) access controls: decide who (which accounts/people) can read or invoke the skill and add explicit consent/permission steps in the workflow. 4) retention & deletion: add commands for exporting, deleting, or anonymizing entries and a clear retention policy. 5) auditing: consider logging when entries are read/surfaced and who triggered the reminders. If the skill ever adds network calls, external endpoints, or requests credentials, treat that as a significant change and re-evaluate. Providing explicit instructions in SKILL.md for consent, encryption, and deletion would increase confidence.Like a lobster shell, security has layers — review code before you run it.
latestvk976kgr47aa3cbr79xsq53zp8x835n0k
License
MIT-0
Free to use, modify, and redistribute. No attribution required.