扫描报告
5 /100
memory-tree
🌳 记忆树 — 周报自动生成,永久记忆标记,关键词搜索
The memory-tree skill v2.0 is a legitimate local memory management tool with no malicious behavior detected - all declared capabilities match the actual implementation.
可以安装
This skill is safe to use. No action required.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | SKILL.md declares '零依赖,纯本地运行'; code reads ~/.openclaw/workspace/MEMORY.md |
| 文件系统 | WRITE | WRITE | ✓ 一致 | SKILL.md declares memory storage; code writes to memory-tree/data/ |
| 网络访问 | NONE | NONE | — | v2.0 removed Ollama embedding; only local keyword search implemented |
| 命令执行 | NONE | NONE | — | No subprocess calls in memory_tree.py |
1 项发现
中危 外部 URL 外部 URL
https://x.com/loryoncloud README.md:130 目录结构
5 文件 · 25.2 KB · 841 行 Python 1f · 596L
Markdown 3f · 230L
JSON 1f · 15L
├─
▾
scripts
│ └─
memory_tree.py
Python
├─
_meta.json
JSON
├─
README.md
Markdown
├─
SECURITY.md
Markdown
└─
SKILL.md
Markdown
安全亮点
✓ Zero external dependencies - uses only Python standard library
✓ Pure local operation with no network requests in v2.0
✓ Clear documentation of all file system access paths
✓ Well-structured code with no obfuscation or suspicious patterns
✓ No shell execution, credential harvesting, or data exfiltration
✓ No base64-encoded content or eval() usage
✓ v2.0 explicitly removed cloud embedding dependencies