Trusted — Risk Score 5/100
Last scan: 1 day ago
amber-hunter
Local AI long-term memory and context management skill for Huper ecosystem
Amber-Hunter is a legitimate local-first AI memory management skill with proper encryption (AES-256-GCM), OS keychain credential storage, and declared cloud sync with E2E encryption.
Skill Name: amber-hunter
Duration: 67.7s
Engine: pi
Safe to install
This skill is safe to use. The cloud sync to huper.org is optional and all data is encrypted before transmission. No malicious behavior detected.

Findings (2 items)

Severity | Finding | Location
Info | All capabilities are properly documented (Doc Mismatch) | SKILL.md:1
  SKILL.md accurately describes all features including cloud sync, LLM providers, and local API endpoints.
  E2E encrypted — AES-256-GCM, master_password in OS keychain, never uploaded in plaintext.
  → No action needed - documentation is accurate
Info | Credential storage follows security best practices (Credential Theft) | core/keychain.py:1
  Master password stored in OS keychain (security CLI/secret-tool), not in config files. API token uses environment variable fallback.
  macOS: Keychain via security command; Linux: secret-tool; Windows: cmdkey
  → No action needed - proper credential handling
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | READ | ✓ Aligned | Reads session files from ~/.openclaw/agents/main/sessions/
Network | READ | READ | ✓ Aligned | POST to localhost:18998 and https://huper.org/api/ingest; both documented
Shell | NONE | NONE | | No shell execution from skill code; subprocess only used for keychain tools (sec…
Environment | READ | READ | ✓ Aligned | Reads AMBER_TOKEN and MINIMAX_API_KEY from env; documented
Database | READ | READ | ✓ Aligned | SQLite in ~/.amber-hunter/hunter.db; local only
8 findings

Medium | External URL | https://huper.org | CHANGELOG.md:339
Medium | External URL | https://huper.org/dashboard | README.md:33
Medium | External URL | https://huper.org/api | README.md:43
Medium | External URL | https://huper.org/api/ingest | SKILL.md:73
Medium | External URL | http://127.0.0.1:18998 | amber_hunter.py:736
Medium | External URL | https://api.minimaxi.com/anthropic/v1/messages | core/llm.py:130
Medium | External URL | https://api.groq.com/openai/v1/chat/completions | core/llm.py:632
Medium | External URL | https://api.minimaxi.com/anthropic | core/llm.py:700

File Tree

35 files · 356.5 KB · 9281 lines
Python 20 files · 6861 lines; Markdown 7 files · 1204 lines; JavaScript 3 files · 712 lines; Shell 3 files · 325 lines; TypeScript 1 file · 166 lines; Text 1 file · 13 lines
├─ 📁 core
│ ├─ 🐍 __init__.py Python 5L · 312 B
│ ├─ 🐍 correction.py Python 121L · 3.6 KB
│ ├─ 🐍 crypto.py Python 337L · 23.0 KB
│ ├─ 🐍 db.py Python 685L · 23.3 KB
│ ├─ 🐍 extractor.py Python 213L · 7.2 KB
│ ├─ 🐍 keychain.py Python 284L · 9.3 KB
│ ├─ 🐍 llm.py Python 743L · 23.9 KB
│ ├─ 🐍 models.py Python 46L · 1009 B
│ ├─ 🐍 profile.py Python 105L · 3.5 KB
│ ├─ 🐍 session.py Python 450L · 16.4 KB
│ ├─ 🐍 vector.py Python 127L · 4.0 KB
│ └─ 🐍 wal.py Python 182L · 6.0 KB
├─ 📁 proactive
│ ├─ 📁 hooks
│ │ └─ 📁 openclaw
│ │ ├─ 📜 handler.js JavaScript 258L · 9.6 KB
│ │ ├─ 📜 handler.ts TypeScript 166L · 5.9 KB
│ │ └─ 📝 HOOK.md Markdown 39L · 1.2 KB
│ ├─ 📁 scripts
│ │ └─ 📜 proactive-check.js JavaScript 284L · 10.0 KB
│ ├─ 📜 proactive-check.js JavaScript 170L · 6.1 KB
│ └─ 📝 README.md Markdown 88L · 2.1 KB
├─ 📁 tests
│ ├─ 📁 test_api
│ │ ├─ 🐍 __init__.py Python 0 B
│ │ ├─ 🐍 test_recall.py Python 104L · 3.8 KB
│ │ └─ 🐍 test_status.py Python 34L · 1.0 KB
│ ├─ 🐍 __init__.py Python 0 B
│ ├─ 🐍 conftest.py Python 46L · 1.1 KB
│ ├─ 🐍 test_crypto.py Python 50L · 1.7 KB
│ └─ 🐍 test_sync.py Python 359L · 13.2 KB
├─ 🐍 amber_hunter.py Python 2970L · 116.7 KB
├─ 📝 CHANGELOG.md Markdown 351L · 20.4 KB
├─ 📝 CLAUDE.md Markdown 28L · 1.0 KB
├─ 🔧 freeze.sh Shell 59L · 1.7 KB
├─ 🔧 install.sh Shell 188L · 7.5 KB
├─ 📝 README.md Markdown 261L · 8.8 KB
├─ 📝 RELEASE_CHECKLIST.md Markdown 46L · 1.5 KB
├─ 🔧 release.sh Shell 78L · 2.9 KB
├─ 📄 requirements.txt Text 13L · 217 B
└─ 📝 SKILL.md Markdown 391L · 18.4 KB

Dependencies (8 items)

Package | Version | Source | Known Vulns | Notes
fastapi | 0.115.0 | pip | No | Version pinned
uvicorn | 0.30.0 | pip | No | Version pinned
pydantic | 2.9.0 | pip | No | Version pinned
cryptography | 43.0.0 | pip | No | Version pinned
httpx | 0.27.0 | pip | No | Version pinned
sentence-transformers | >=2.2.0 | pip | No | Lower bound only
numpy | >=1.24.0 | pip | No | Lower bound only
lancedb | >=0.4.0 | pip | No | Lower bound only

Security Positives

✓ AES-256-GCM encryption for all stored data with salt and nonce
✓ Master password stored in OS keychain (macOS security, Linux secret-tool, Windows cmdkey)
✓ E2E encryption before cloud sync upload
✓ Bearer token authentication for all sensitive endpoints
✓ CORS restricted to https://huper.org and localhost only
✓ Subprocess used only for legitimate tools (security CLI, secret-tool, curl for LLM calls)
✓ No eval(), exec(), or base64 execution of arbitrary code
✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files
✓ No reverse shell, C2 communication, or hidden exfiltration
✓ Open source with clear documentation