memory-lancedb-pro Security Report — Low Risk | ClawSafe

5 /100

memory-lancedb-pro

Production-grade long-term memory system (v1.1.0-beta.8) for OpenClaw AI agents. Provides persistent, intelligent memory storage using LanceDB with hybrid vector + BM25 retrieval, LLM-powered Smart Extraction, Weibull decay lifecycle, and multi-scope isolation.

Pure documentation skill (Markdown only) providing installation and configuration guidance for a memory plugin. No executable code, scripts, or binaries present. Minor concern: remote script download pattern in documentation.

Skill Namememory-lancedb-pro

Duration40.5s

Enginepi

✓

Safe to install

Safe to use. No executable components. The documented `curl|bash` remote script pattern is standard practice and clearly disclosed. No action required.

Findings 2 items

Severity	Finding	Location
Low	Remote script download pattern in documentation Supply Chain The Quick Install section references downloading and executing a shell script from GitHub raw content: `curl -fsSL https://raw.githubusercontent.com/CortexReach/toolbox/main/memory-lancedb-pro-setup/setup-memory.sh -o setup-memory.sh && bash setup-memory.sh`. This is a documented pattern with `--dry-run` and `--selfcheck-only` options, but the remote script is not reviewed in this package. `curl -fsSL https://raw.githubusercontent.com/CortexReach/toolbox/main/memory-lancedb-pro-setup/setup-memory.sh -o setup-memory.sh` → Review the external script at the GitHub URL before executing it. Use the `--dry-run` flag to preview actions first.	`SKILL.md:686`
Low	Misleading Iron Rule references dangerous command Doc Mismatch The 'Iron Rules for AI Agents' section includes `rm -rf /tmp/jiti/` as a required step. While the target `/tmp/jiti/` is a legitimate cache directory (not root), the prefix `rm -rf` with a glob-like pattern is an IOC that was flagged by pre-scan. This is benign in context but creates false-positive security alerts. `rm -rf /tmp/jiti/` → Use `rm -rf ~/.cache/jiti/` or a more specific path to reduce confusion and avoid false-positive security flags.	`SKILL.md:697`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`READ`	✓ Aligned	Markdown documentation files only; no file write operations
Network	`READ`	`READ`	✓ Aligned	Only URL references for external services (jina.ai, openai.com, GitHub) — all de…
Shell	`NONE`	`NONE`	—	No executable scripts present; shell commands appear only as documentation
Environment	`NONE`	`NONE`	—	No environment variable access
Skill Invoke	`READ`	`READ`	✓ Aligned	Skill is itself a documentation resource
Clipboard	`NONE`	`NONE`	—	No clipboard access
Browser	`NONE`	`NONE`	—	No browser automation
Database	`NONE`	`NONE`	—	No database access; documents LanceDB configuration but does not connect

1 Critical 18 findings

💀

Critical Dangerous Command 危险 Shell 命令

rm -rf /

SKILL.md:697

🔗

Medium External URL 外部 URL

https://claude.ai/code

README.md:28

🔗

Medium External URL 外部 URL

https://openclaw.ai

README.md:32

🔗

Medium External URL 外部 URL

https://storage.ko-fi.com/cdn/kofi2.png?v=3

README.md:229

🔗

Medium External URL 外部 URL

https://ko-fi.com/aila

README.md:229

🔗

Medium External URL 外部 URL

https://jina.ai/api-key

SKILL.md:29

🔗

Medium External URL 外部 URL

https://platform.openai.com/api-keys

SKILL.md:29

🔗

Medium External URL 外部 URL

https://cloud.siliconflow.cn/account/ak

SKILL.md:38

🔗

Medium External URL 外部 URL

https://ollama.com/download

SKILL.md:62

🔗

Medium External URL 外部 URL

https://api.jina.ai/v1/embeddings

SKILL.md:88

🔗

Medium External URL 外部 URL

https://api.siliconflow.com/v1/rerank

SKILL.md:104

🔗

Medium External URL 外部 URL

https://api.jina.ai/v1

SKILL.md:162

🔗

Medium External URL 外部 URL

https://api.jina.ai/v1/rerank

SKILL.md:186

🔗

Medium External URL 外部 URL

http://192.168.1.100:11434/v1

SKILL.md:333

🔗

Medium External URL 外部 URL

https://dashscope.aliyuncs.com/compatible-mode/v1

SKILL.md:1223

🔗

Medium External URL 外部 URL

https://dashscope.aliyuncs.com/compatible-api/v1/reranks

SKILL.md:1236

🔗

Medium External URL 外部 URL

https://api.voyageai.com/v1/rerank

SKILL.md:1252

🔗

Medium External URL 外部 URL

https://api.pinecone.io/rerank

SKILL.md:1253

File Tree

3 files · 76.6 KB · 1951 lines

Markdown 3f · 1951L

├─ ▾ 📁 references

│ └─ 📝 full-reference.md Markdown 310L · 9.7 KB

├─ 📝 README.md Markdown 233L · 9.8 KB

└─ 📝 SKILL.md Markdown 1408L · 57.0 KB

Security Positives

✓ Pure documentation skill — no executable code, scripts, or binaries

✓ All shell commands appear only as documentation examples, not as embedded execution

✓ API key verification uses read-only HTTP GET requests to service endpoints

✓ No credential harvesting — only user-provided keys via config files

✓ No obfuscation (no base64, eval, atob, or encoded strings)

✓ No sensitive file access (no ~/.ssh, ~/.aws, .env reads)

✓ No data exfiltration, reverse shell, or C2 communication patterns

✓ No hidden functionality — documentation matches stated behavior

✓ Remote script has `--dry-run` and `--selfcheck-only` safety options

✓ Full source file map and technical details transparently disclosed

Scan Report

Findings 2 items

File Tree

Security Positives