Low Risk — Risk Score 15/100
Last scan: 18 hr ago
openclaw-memory-system
OpenClaw multimodal memory system - supports image/tool memory, project/Agent/user isolation, and natural-language correction
The skill is a legitimate OpenClaw memory system with no malicious code present. It consists primarily of documentation with a single benign install script. Minor concern: the documentation references files that don't exist in the package.
Skill Name: openclaw-memory-system
Duration: 36.4s
Engine: pi
Safe to install
Approve for use with standard precautions. The actual skill implementation files referenced in documentation are missing from the package, so full functionality will not work until the implementation is included.

Findings 2 items

Severity: Low
Finding: Documentation references non-existent implementation files [Doc Mismatch]
SKILL.md, README.md, and RELEASE.md document files under skills/ directory that are not included in the package (image-memory.js, project-memory.js, memory-correct.js, etc.)
skills/multimodal-memory/image-memory.js, skills/project-memory-isolation/project-memory.js
→ Either include the implementation files or update documentation to clarify this is a documentation-only release
Location: SKILL.md:1

Severity: Info
Finding: Install script uses env-controlled workspace path [Priv Escalation]
install.js uses OPENCLAW_WORKSPACE env var with fallback to /home/openclaw/.openclaw/workspace. If env var is externally controlled, path could be redirected.
const WORKSPACE = process.env.OPENCLAW_WORKSPACE || '/home/openclaw/.openclaw/workspace'
→ This is standard practice for workspace tools. Ensure the environment variable cannot be set by untrusted sources.
Location: scripts/install.js:9

| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | WRITE | ✓ Aligned | install.js creates memory directories and copies configs to workspace |
| Network | NONE | NONE | | Feishu webhook mentioned in docs but no active network code present |
| Shell | NONE | NONE | | No shell execution found in install.js |
| Environment | NONE | READ | ✓ Aligned | install.js:9 reads OPENCLAW_WORKSPACE env var |

File Tree

9 files · 32.6 KB · 1421 lines
Markdown 5f · 1194L | JSON 3f · 171L | JavaScript 1f · 56L
├─ 📁 scripts
│ └─ 📜 install.js JavaScript 56L · 1.5 KB
├─ 📋 clawhub.json JSON 61L · 1.6 KB
├─ 📋 manifest.json JSON 51L · 1.4 KB
├─ 📋 package.json JSON 59L · 1.4 KB
├─ 📝 QUICKSTART.md Markdown 91L · 2.0 KB
├─ 📝 README_CLAWHUB.md Markdown 165L · 4.0 KB
├─ 📝 README.md Markdown 312L · 7.4 KB
├─ 📝 RELEASE.md Markdown 378L · 8.2 KB
└─ 📝 SKILL.md Markdown 248L · 5.2 KB

Security Positives

✓ No shell execution commands found
✓ No credential harvesting or exfiltration code
✓ No obfuscation or base64-encoded payloads
✓ No C2 communication or remote code execution
✓ Install script only creates directories and copies configs
✓ No suspicious network requests
✓ No cron/scheduled task installation
✓ No access to sensitive paths like ~/.ssh or .env