memory-review Security Report — Trusted | ClawSafe

5 /100

memory-review

知识沉淀自动化技能。扫描近期日记，识别可沉淀知识，自动写入知识库。

A benign knowledge-management skill that scans diary files and writes knowledge summaries, with no malicious behavior detected.

Skill Namememory-review

Duration25.6s

Enginepi

✓

Safe to install

No action needed. The skill is safe to use.

Findings 1 items

Severity	Finding	Location
Low	Shell command not declared in SKILL.md Doc Mismatch The md5sum shell command is used for incremental scanning (documented in spec.md) but is not declared in the SKILL.md capability declaration. While functionally documented, it creates a minor doc-to-declaration gap for the primary interface. `md5sum memory/daily/YYYY-MM-DD.md` → Add shell:READ to SKILL.md's declared capabilities to fully reflect the md5sum usage.	`references/spec.md:62`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`READ`	`WRITE`	✓ Aligned	SKILL.md: Writes output to memory/daily/, memory/knowledge/, data/exec-logs/
Shell	`NONE`	`READ`	✓ Aligned	spec.md: Uses md5sum for file integrity checking — documented but not declared i…
Network	`NONE`	`NONE`	—	No network calls found
Environment	`NONE`	`NONE`	—	No environment variable access found
credential	`NONE`	`NONE`	—	No credential access found

2 files · 4.2 KB · 170 lines

Markdown 2f · 170L

├─ ▾ 📁 references

│ └─ 📝 spec.md Markdown 116L · 2.7 KB

└─ 📝 SKILL.md Markdown 54L · 1.5 KB

✓ No network requests or external data exfiltration

✓ No credential harvesting or environment variable access

✓ No obfuscated code, base64, or anti-analysis patterns

✓ No remote script execution (curl|bash, wget|sh)

✓ No sensitive path access (~/.ssh, ~/.aws, .env)

✓ No binary files or suspicious dependencies

✓ Write operations are scoped to well-defined output directories (memory/, data/)

✓ Incremental scanning via md5 prevents redundant work, indicating genuine utility rather than covert activity