shared-memory-governor 安全扫描报告 — 可信 | ClawSafe

0 /100

shared-memory-governor

Govern a file-based shared-memory layer for OpenClaw multi-agent and subagent systems. Preserve each agent's private memory while adding a separate, reviewable shared layer for stable user preferences, shared rules, and durable cross-agent facts.

This is a documentation-only skill that provides governance guidance for a multi-agent shared-memory system. It contains no executable code, scripts, or binaries—only Markdown documentation and a JSON config example. All capabilities are clearly declared, safety boundaries are explicit, and there are no high-risk indicators.

技能名称shared-memory-governor

分析耗时36.5s

引擎pi

✓

可以安装

This skill is safe to use. No executable code or malicious behavior detected.

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	SKILL.md: Explicitly declares reading workspace memory files (MEMORY.md, USER.md…
文件系统	`WRITE`	`WRITE`	✓ 一致	SKILL.md: Declares writing shared-memory files (shared-user.md, shared-memory.md…
网络访问	`NONE`	`NONE`	—	SKILL.md: No network access declared or implied
命令执行	`NONE`	`NONE`	—	SKILL.md: No shell execution declared or present
环境变量	`NONE`	`NONE`	—	SKILL.md: Explicitly prohibits reading credentials or secrets
技能调用	`NONE`	`NONE`	—	Documentation-only skill, no sub-skill invocation
剪贴板	`NONE`	`NONE`	—	No clipboard access mentioned
浏览器	`NONE`	`NONE`	—	No browser access mentioned
数据库	`NONE`	`NONE`	—	No database access mentioned

目录结构

6 文件 · 35.8 KB · 1462 行

Markdown 5f · 1367L JSON 1f · 95L

├─ ▾ 📁 assets

│ └─ 📋 shared-memory.config.example.json JSON 95L · 2.2 KB

├─ ▾ 📁 references

│ ├─ 📝 config-reference.md Markdown 840L · 17.7 KB

│ ├─ 📝 shared-promotion-rules.md Markdown 112L · 3.3 KB

│ ├─ 📝 startup-guidance-rules.md Markdown 67L · 2.4 KB

│ └─ 📝 status-review-fields.md Markdown 76L · 2.1 KB

└─ 📝 SKILL.md Markdown 272L · 8.0 KB

安全亮点

✓ Documentation-only skill with no executable code (scripts/, code files, binaries)

✓ Comprehensive safety boundaries clearly declared in SKILL.md with explicit prohibitions

✓ Explicitly prohibits credential harvesting, SSH key access, and secret collection

✓ Schedules disabled by default; requires explicit user enabling

✓ Local memory modification restricted to append-only markers (modifyLocalMemoryDirectly: false)

✓ Clear doc-to-code alignment with no hidden functionality

✓ Strong emphasis on auditability, reviewability, and reversibility

✓ No base64 encoding, obfuscation, or anti-analysis techniques

✓ No external network requests or C2 communication

✓ No supply chain risks (no dependencies, no external packages)