Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
long-term-task-memory
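v1.0.2
Calls the Volcano Engine Milvus vector database on demand for long-term memory storage and retrieval; supports flexible data formats that distinguish dimensions such as role, event, and project. Use when the user explicitly asks to save, query, update, or delete long-term memories.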
by @zuoanco
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name/description and the included scripts consistently implement a Milvus memory manager (connect, create collection, save/query/update/delete memories). However, the registry metadata declares no required environment variables or primary credential while the SKILL.md and scripts clearly expect MILVUS_URI and MILVUS_TOKEN. That mismatch is disproportionate to the stated metadata and should be treated as an incoherence.
Instruction Scope
SKILL.md restricts actions to initializing a Milvus collection and CRUD operations on memories and instructs running scripts in scripts/milvus_manager.py. That's within scope for the stated purpose. Two cautions: (1) the runtime will load a .env file from multiple locations (script dir, current working directory, skill root) which may unintentionally read unrelated .env files and export any keys they contain into the process; (2) the SKILL.md and script require supplying credentials (MILVUS_TOKEN) and making network calls to the user-provided MILVUS_URI, so data will be sent to that endpoint (expected but security-relevant).
Install Mechanism
There is no install spec (instruction-only install), and SKILL.md lists a Python dependency (pymilvus==2.3.0). The risk is only moderate, since the skill itself auto-downloads nothing, but the runtime will fail without the dependency. The lack of an explicit install step in registry metadata is an inconsistency the user should notice.
Credentials
The code and SKILL.md require MILVUS_URI and MILVUS_TOKEN (a credential in Username:Password format), but the skill's declared requirements list no env vars or primary credential. Additionally, the .env loader will import any key/value pairs from the .env file into the process environment (it purposely avoids overwriting existing env vars), which could lead to accidental exposure of unrelated secrets if a .env in cwd or skill root contains them. Requesting Milvus access credentials is reasonable for this skill, but the omission from metadata and the broad .env-loading behavior are concerning.
Persistence & Privilege
The skill is not always-enabled and does not request special platform privileges. It does not modify other skills' configuration and does not claim persistent system presence beyond connecting to the user-specified Milvus instance and creating/altering collections there (expected for a database-backed memory manager).
What to consider before installing
Before installing or running this skill:
(1) be aware the script will attempt to read a .env file (script dir, cwd, or skill root) and will import any keys it finds into the process—avoid placing unrelated secrets in those .env files;
(2) the skill requires MILVUS_URI and MILVUS_TOKEN (credentials) even though the registry metadata does not declare them—treat this as a red flag and only provide credentials you control and trust;
(3) the skill will make network calls to whatever MILVUS_URI you supply and will create/modify collections and data there—do not point it at production systems containing sensitive PII or high-value data without testing first;
(4) there is no automated install of pymilvus; ensure you install the listed dependency in a safe/isolated environment;
(5) because the skill source is 'unknown', prefer to review scripts/milvus_manager.py locally, run in an isolated environment, and use dedicated, least-privilege Milvus credentials (or a test instance) before granting access.
Like a lobster shell, security has layers — review code before you run it.
