cognitive-memory 安全扫描报告 — 可信 | ClawSafe

5 /100

cognitive-memory

Intelligent multi-store memory system with human-like encoding, consolidation, decay, and recall

This is a legitimate cognitive memory system skill with no malicious indicators. All operations (file/directory creation, git initialization, template copying, JSON modification via Python) are clearly documented and serve the stated purpose of setting up an agent memory architecture.

技能名称cognitive-memory

分析耗时43.3s

引擎pi

✓

可以安装

This skill is safe to use. All shell operations are declared in SKILL.md via bash script references. The skill creates a memory management system with episodic, semantic, procedural, and vault stores, using git for audit tracking.

资源类型	声明权限	推断权限	状态	证据
文件系统	`WRITE`	`WRITE`	✓ 一致	scripts/init_memory.sh:20-50 (mkdir/cp operations)
命令执行	`WRITE`	`WRITE`	✓ 一致	scripts/*.sh (bash execution, git operations)
网络访问	`NONE`	`NONE`	—	No network operations found
环境变量	`NONE`	`NONE`	—	No environment variable access
技能调用	`NONE`	`NONE`	—	No inter-skill invocation
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser operations
数据库	`NONE`	`NONE`	—	No database access

目录结构

27 文件 · 170.6 KB · 5015 行

Markdown 21f · 4072L Shell 4f · 914L JSON 2f · 29L

├─ ▾ 📁 assets

│ └─ ▾ 📁 templates

│ ├─ 📝 agents-memory-block.md Markdown 227L · 7.2 KB

│ ├─ 📋 decay-scores.json JSON 24L · 539 B

│ ├─ 📝 entity-template.md Markdown 20L · 348 B

│ ├─ 📝 episode-template.md Markdown 7L · 279 B

│ ├─ 📝 evolution.md Markdown 35L · 761 B

│ ├─ 📝 graph-index.md Markdown 11L · 317 B

│ ├─ 📝 IDENTITY.md Markdown 68L · 1.9 KB

│ ├─ 📝 MEMORY.md Markdown 30L · 850 B

│ ├─ 📝 pending-memories.md Markdown 18L · 511 B

│ ├─ 📝 pending-reflection.md Markdown 54L · 1.7 KB

│ ├─ 📝 procedure-template.md Markdown 18L · 321 B

│ ├─ 📝 reflection-log.md Markdown 28L · 579 B

│ ├─ 📝 relations.md Markdown 18L · 508 B

│ ├─ 📝 reward-log.md Markdown 10L · 256 B

│ ├─ 📝 reward-template.md Markdown 55L · 1.0 KB

│ └─ 📝 SOUL.md Markdown 97L · 3.2 KB

├─ ▾ 📁 references

│ ├─ 📝 architecture.md Markdown 1274L · 54.8 KB

│ ├─ 📝 reflection-process.md Markdown 1186L · 40.7 KB

│ └─ 📝 routing-prompt.md Markdown 67L · 1.7 KB

├─ ▾ 📁 scripts

│ ├─ 🔧 init_memory.sh Shell 147L · 5.1 KB

│ ├─ 🔧 upgrade_to_1.0.6.sh Shell 298L · 9.1 KB

│ └─ 🔧 upgrade_to_1.0.7.sh Shell 234L · 7.7 KB

├─ 📋 _meta.json JSON 5L · 135 B

├─ 📝 SKILL.md Markdown 319L · 9.9 KB

├─ 🔧 upgrade_to_1.0.7.sh Shell 235L · 7.7 KB

├─ 📝 UPGRADE-1.0.7.md Markdown 265L · 6.8 KB

└─ 📝 UPGRADE.md Markdown 265L · 6.8 KB

安全亮点

✓ No credential harvesting or sensitive path access (~/.ssh, ~/.aws, .env)

✓ No base64 encoded commands or eval(atob()) patterns

✓ No remote script execution (curl|bash, wget|sh)

✓ No hidden functionality in HTML comments or elsewhere

✓ No data exfiltration to external IPs

✓ Git-based audit trail is security-positive

✓ All bash operations are clearly declared via script references in SKILL.md

✓ Python JSON operations are safe (read-modify-write with backup)

✓ Backup creation before modifications in upgrade scripts

✓ Pre-flight checks prevent accidental damage

✓ Templates are clean Markdown without embedded threats