Low risk (risk score 10/100)
Last scanned: 2 days ago
palaia
Local, crash-safe persistent memory for OpenClaw agents with SQLite backend and semantic search
palaia is a legitimate memory persistence skill implemented entirely as documentation with no executable code. All described capabilities (pip/npm install, SQLite storage, MCP integration) are declared, relevant, and necessary.
Skill name: palaia
Analysis time: 41.8s
Engine: pi
OK to install
No action needed. Consider pinning package versions in installation commands for reproducibility.

Security findings: 4

Severity · Finding · Location
Low
Unpinned package version in pip install
Installation commands use 'pip install "palaia[fastembed]"' without version pinning, which could install a different version if the package is updated or compromised on PyPI.
pip install "palaia[fastembed]"
→ Consider specifying a version: pip install "palaia[fastembed]==2.6"
SKILL.md:36
Low
Unpinned npm package installation
OpenClaw plugin installed via 'npm install -g @byte5ai/palaia@latest' without a fixed version, creating a supply chain dependency.
npm install -g @byte5ai/palaia@latest
→ Pin to a specific version for production deployments
SKILL.md:52
Info
API keys referenced in documentation
OPENAI_API_KEY and GEMINI_API_KEY are documented as optional embedding providers. These are legitimate use cases for cloud AI services, not credential harvesting.
Set `OPENAI_API_KEY`
→ No action needed; clearly documented as optional external API integration
SKILL.md:172
Info
Database URL with potential credentials
PostgreSQL connection strings may contain credentials. palaia uses them only for database connectivity, not exfiltration.
palaia config set database_url postgresql://user:pass@host/db
→ Ensure database_url is configured securely (localhost or trusted network)
SKILL.md:159
| Resource type | Declared permission | Inferred permission | Status | Evidence |
|---|---|---|---|---|
| File system | NONE | NONE | | SKILL.md is documentation only; no Read/Write tool usage declared or inferred |
| Command execution | WRITE | WRITE | ✓ Consistent | pip install, npm install, palaia init/doctor/upgrade commands throughout SKILL.m… |
| Network access | READ | READ | ✓ Consistent | pip/npm package downloads, optional cloud embedding APIs (OpenAI, Gemini), MCP c… |
| Environment variables | READ | READ | ✓ Consistent | OPENAI_API_KEY, GEMINI_API_KEY, PALAIA_DATABASE_URL, PALAIA_AGENT documented for… |
| Database | WRITE | WRITE | ✓ Consistent | SQLite storage in .palaia/palaia.db, PostgreSQL backend option, CRUD operations … |
1 finding
Info · Email · Email address
[email protected]
SKILL.md:424

Directory structure

1 file · 30.5 KB · 818 lines
Markdown 1f · 818L
└─ 📝 SKILL.md Markdown 818L · 30.5 KB

Dependency analysis: 2 items

| Package | Version | Source | Known vulnerabilities | Notes |
|---|---|---|---|---|
| palaia | unpinned | pip | | Package version not specified in SKILL.md installation commands |
| @byte5ai/palaia | latest | npm | | NPM plugin installed without version pin |

Security highlights

✓ SKILL.md is pure documentation with zero executable code - no scripts, no obfuscation
✓ All capabilities are explicitly declared in documentation
✓ No base64 encoding, eval(), or suspicious runtime patterns
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ No data exfiltration or external IP connections outside of declared cloud APIs
✓ SQLite storage is local and crash-safe (WAL mode)
✓ MCP server supports --read-only mode for untrusted hosts
✓ Dangerous operations (gc --aggressive) require explicit user confirmation
✓ Privacy markers (<private>...</private>) prevent accidental sensitive data capture
✓ Explicit warning against storing secrets in memory entries