中文 EN

Scan Report

Scan New Files

Low Risk — Risk Score 10/100
Last scan:2 days ago Rescan
10 /100
ClaWiser
Agent memory and workflow enhancement suite with 8 modules: memory-deposit, retrieval-enhance, noise-reduction, hdd, sdd, save-game, load-game, project-skill-pairing
ClaWiser is a legitimate agent memory and workflow enhancement suite with no malicious behavior detected. All scripts perform documented, benign operations: reading session transcripts, merging conversations, and git auto-commit. No credential theft, data exfiltration, reverse shells, or hidden functionality found.
Skill NameClaWiser
Duration53.5s
Enginepi
Safe to install
This skill is safe to use. Monitor the memory/transcripts/ directory growth over time and review the cron task if installed, but no immediate action required.

Findings 4 items

Severity Finding Location
Low
Shell script executes git operations
auto-commit.sh runs git add, git commit, and git status commands. This is necessary for the memory management workflow and is fully documented in SKILL.md.
#!/bin/bash ... git add -- "$file" ... git commit -m "$message"
→ No action needed — this is documented and necessary behavior for the memory Git integration feature.
 assets/memory-deposit/scripts/auto-commit.sh:1
Low
Node.js scripts read from OpenClaw session directories
merge-daily-transcript.js and diagnose-noise.js read session JSONL files from ~/.openclaw/agents/main/sessions. This is the primary data source for the memory consolidation feature.
const SESSIONS_DIR = path.join(HOME, '.openclaw', 'agents', 'main', 'sessions')
→ No action needed — reading own session data is expected for memory management.
 assets/memory-deposit/scripts/merge-daily-transcript.js:45
Low
SKILL.md installer writes to AGENTS.md and SOUL.md
The main installer appends routing rules and self-description content to the agent's AGENTS.md and SOUL.md files. This is a one-time installation behavior.
在用户的 AGENTS.md 末尾追加以下路由规则
→ No action needed — installation-time configuration modification is documented and necessary for the skill to function.
 SKILL.md:138
Info
Two external URLs in memory-deposit documentation
SKILL.md references dashscope.aliyuncs.com (embedding API) and bailian.console.aliyun.com (key management) as configuration examples. These are legitimate cloud service endpoints, not indicators of data exfiltration.
baseUrl: "https://dashscope.aliyuncs.com/compatible-mode/v1"
→ No action needed — these are user-facing configuration examples for embedding API setup, not automatic network calls made by the skill.
 assets/memory-deposit/SKILL.md:153
ResourceDeclaredInferredStatusEvidence
Filesystem NONE READ+WRITE ✓ Aligned merge-daily-transcript.js reads ~/.openclaw sessions, writes to memory/transcrip…
Shell NONE WRITE ✓ Aligned auto-commit.sh executes git add/commit; SKILL.md installer runs cp/mkdir/bash co…
Network NONE NONE External URLs (dashscope.aliyuncs.com) only referenced in config examples, not a…
Environment NONE READ ✓ Aligned merge-daily-transcript.js reads OPENCLAW_WORKSPACE, TZ from env — standard confi…
Skill Invoke NONE READ+WRITE ✓ Aligned SKILL.md copies skill directories and writes to AGENTS.md/SOUL.md — all document…
Clipboard NONE NONE N/A
Browser NONE NONE N/A
Database NONE NONE N/A
2 findings
🔗
Medium External URL 外部 URL
https://dashscope.aliyuncs.com/compatible-mode/v1
assets/memory-deposit/SKILL.md:153
🔗
Medium External URL 外部 URL
https://bailian.console.aliyun.com/
assets/memory-deposit/SKILL.md:158

File Tree

18 files · 136.6 KB · 3444 lines
Markdown 14f · 2083L JavaScript 3f · 1297L Shell 1f · 64L
├─ 📁 assets
│ ├─ 📁 hdd
│ │ └─ 📝 SKILL.md Markdown 365L · 15.1 KB
│ ├─ 📁 load-game
│ │ └─ 📝 SKILL.md Markdown 129L · 3.9 KB
│ ├─ 📁 memory-deposit
│ │ ├─ 📁 references
│ │ │ └─ 📝 memory-rules.md Markdown 25L · 737 B
│ │ ├─ 📁 scripts
│ │ │ ├─ 🔧 auto-commit.sh Shell 64L · 2.0 KB
│ │ │ └─ 📜 merge-daily-transcript.js JavaScript 499L · 19.0 KB
│ │ └─ 📝 SKILL.md Markdown 191L · 6.9 KB
│ ├─ 📁 noise-reduction
│ │ ├─ 📁 references
│ │ │ ├─ 📝 common-failures.md Markdown 101L · 5.7 KB
│ │ │ ├─ 📝 example-classifier.md Markdown 77L · 3.0 KB
│ │ │ └─ 📝 noise-categories.md Markdown 50L · 2.7 KB
│ │ ├─ 📁 scripts
│ │ │ ├─ 📜 diagnose-noise.js JavaScript 411L · 16.2 KB
│ │ │ └─ 📜 validate-noise-reduction.js JavaScript 387L · 14.4 KB
│ │ └─ 📝 SKILL.md Markdown 231L · 10.7 KB
│ ├─ 📁 project-skill-pairing
│ │ └─ 📝 SKILL.md Markdown 152L · 4.6 KB
│ ├─ 📁 retrieval-enhance
│ │ └─ 📝 SKILL.md Markdown 185L · 6.5 KB
│ ├─ 📁 save-game
│ │ └─ 📝 SKILL.md Markdown 134L · 4.6 KB
│ └─ 📁 sdd
│ └─ 📝 SKILL.md Markdown 111L · 5.5 KB
├─ 📝 README.md Markdown 88L · 3.2 KB
└─ 📝 SKILL.md Markdown 244L · 11.9 KB

Security Positives

✓ No credential harvesting — scripts read session data but do not access SSH keys, AWS credentials, .env files, or API keys
✓ No data exfiltration — all data processing is local (read sessions, merge/transcribe, write to memory/)
✓ No base64-encoded payloads or obfuscated code anywhere in the codebase
✓ No reverse shells, C2 infrastructure, or direct IP network requests
✓ No curl|bash or wget|sh remote script execution patterns
✓ No hidden functionality — all capabilities (git auto-commit, transcript merging, noise filtering) are clearly documented
✓ Scripts use only standard Node.js modules (fs, path, os) with no external dependencies or package.json
✓ No eval(), Function(), or dynamic code execution
✓ Script paths are hardcoded to OpenClaw standard locations, not arbitrary system paths
✓ No attempt to access sensitive directories like ~/.ssh, ~/.aws, or /etc/