High Risk — Risk Score 55/100
Last scan: 1 day ago
long-term-memory
Long-term memory management system: helps AI agents and users manage, store, and retrieve long-term memories
Hardcoded API credential in payment.py poses critical credential theft risk; documentation references non-existent tools.
Skill Name: long-term-memory
Duration: 39.5s
Engine: pi
Do not install this skill
Remove the hardcoded API key immediately and rotate it: a key that has been committed to source is exposed to everyone who has read the file, and deleting the line does not remove it from version history. Load credentials from environment variables instead. Remove references to non-existent scripts from SKILL.md.

Findings 3 items

Severity | Finding | Category | Location

High | Hardcoded API Key in Source Code | Credential Theft | payment.py:12
The billing API key is hardcoded directly in payment.py at line 12. Anyone with read access to the source (a repository clone, a downloaded skill package, a backup) can extract it and call the billing API as this skill.
BILLING_API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"
→ Read the key from the environment variable SKILLPAY_API_KEY instead and store secrets outside the codebase. Treat the committed value as compromised and rotate it.
payment.py:12
Medium | Documentation References Non-Existent Scripts | Doc Mismatch | SKILL.md:56
SKILL.md lists 'memory_organizer.py' and 'memory_sync.py' as available tools, but these files do not exist in the scripts/ directory. An agent that follows the documentation will try to invoke tools that are not there.
- `memory_organizer.py` - memory organizer
- `memory_sync.py` - memory synchronizer
→ Remove the references to non-existent tools from the documentation, or implement the missing functionality.
SKILL.md:56
Low | Hardcoded Base Directory Path | Sensitive Access | scripts/memory_store.py:22
All scripts hardcode '/root/.openclaw/workspace' as the base directory. Besides limiting portability, a path under /root assumes the scripts run as root (or with write access to root's home), which is more privilege than a memory store needs.
def __init__(self, base_dir: str = "/root/.openclaw/workspace")
→ Take the base directory from an environment variable or configuration file, and support user-specified paths.
scripts/memory_store.py:22
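The three remediations above as working code. This is an added example, not code from the long-term-memory skill or from the scanner: it puts the hardcoded-key pattern reported at payment.py:12 beside a fail-closed lookup of SKILLPAY_API_KEY (the variable the High finding recommends), makes the workspace path overridable through an assumed variable name MEMORY_BASE_DIR (the skill itself defines no such variable), and checks that every script SKILL.md advertises exists in scripts/. All sample inputs are constructed for the example; the key is a dummy of the same shape (sk_ followed by 64 hex characters), not the value in the report.

```python
"""Added example, not code from the long-term-memory skill or the scanner.

Shows the three remediations from the findings above as working code:
  - the hardcoded-key pattern from payment.py beside a fail-closed env lookup,
  - a deployer-overridable base directory instead of /root/.openclaw/workspace,
  - a check that every script SKILL.md names actually exists.
Sample inputs are constructed for the example; the key is a dummy value of the
same shape (sk_ + 64 hex chars), not the one in the report.
"""
import os
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Constructed stand-in for the reported payment.py; line 3 mirrors the finding at payment.py:12.
SAMPLE_PAYMENT_PY = (
    'import os\n'
    'SKILLPAY_URL = "https://skillpay.me"\n'
    'BILLING_API_KEY = "sk_' + "0123456789abcdef" * 4 + '"\n'
    'USER_ID = os.environ.get("SKILLPAY_USER_ID")\n'
)

# Hardened form of that line: the value lives in the environment, not in the source.
HARDENED_LINE = 'BILLING_API_KEY = load_billing_key()\n'


class MissingSecret(RuntimeError):
    """Raised instead of silently falling back to a default credential."""


def load_billing_key(env: Optional[Dict[str, str]] = None) -> str:
    """Read SKILLPAY_API_KEY (the variable the High finding recommends) and fail closed.

    `env` is injectable so the behaviour can be tested without touching os.environ.
    """
    env = dict(os.environ) if env is None else env
    key = env.get("SKILLPAY_API_KEY", "").strip()
    if not key:
        raise MissingSecret("SKILLPAY_API_KEY is not set; refusing to run without a credential")
    return key


def resolve_base_dir(env: Optional[Dict[str, str]] = None,
                     default: str = "/root/.openclaw/workspace") -> str:
    """Low finding: let the deployer move the workspace out of /root.

    MEMORY_BASE_DIR is an assumed variable name for this example; the skill defines none.
    """
    env = dict(os.environ) if env is None else env
    return os.path.expanduser(env.get("MEMORY_BASE_DIR") or default)


# Detection: an ALL_CAPS assignment of an sk_-prefixed 64-hex literal, the shape at payment.py:12.
SK_KEY_RE = re.compile(r'(?P<name>[A-Z_][A-Z0-9_]*)\s*=\s*["\'](?P<key>sk_[0-9a-f]{64})["\']')


@dataclass
class Hit:
    line_no: int
    name: str
    masked: str  # never log the full key; keep just enough to recognise it


def scan_for_hardcoded_keys(source: str) -> List[Hit]:
    """Return one Hit per line that assigns an sk_ key literal; usable as a pre-commit gate."""
    hits: List[Hit] = []
    for n, line in enumerate(source.splitlines(), start=1):
        m = SK_KEY_RE.search(line)
        if m:
            key = m.group("key")
            hits.append(Hit(n, m.group("name"), key[:6] + "..." + key[-4:]))
    return hits


# Doc/implementation consistency: backticked *.py names in SKILL.md must exist on disk.
SCRIPT_REF_RE = re.compile(r"`([A-Za-z0-9_]+\.py)`")

# Constructed excerpt in the shape of the SKILL.md tool list quoted in the Medium finding.
SAMPLE_SKILL_MD = (
    "- `memory_store.py` - memory store\n"
    "- `memory_organizer.py` - memory organizer\n"
    "- `memory_sync.py` - memory synchronizer\n"
)
# Scripts actually present, per the file tree in the report.
PRESENT_SCRIPTS: Set[str] = {"memory_compressor.py", "memory_search.py", "memory_store.py"}


def missing_documented_scripts(skill_md: str, present: Set[str]) -> List[str]:
    """Names SKILL.md advertises that have no file in scripts/."""
    return sorted(set(SCRIPT_REF_RE.findall(skill_md)) - present)


if __name__ == "__main__":
    for h in scan_for_hardcoded_keys(SAMPLE_PAYMENT_PY):
        print(f"hardcoded key {h.name} at line {h.line_no}: {h.masked}")
    print("missing scripts:", missing_documented_scripts(SAMPLE_SKILL_MD, PRESENT_SCRIPTS))
    print("base dir:", resolve_base_dir({"MEMORY_BASE_DIR": "/srv/memory"}))
```

The scanner reports the key masked rather than in full so that the gate's own output does not become a second copy of the secret; the env lookup raises rather than returning an empty string, because a payment client that silently runs with no credential fails later and further from the cause.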
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | WRITE | ✓ Aligned | memory_store.py creates and writes memory files
Network | READ | READ | ✓ Aligned | payment.py makes HTTP requests to skillpay.me
Shell | NONE | NONE | | No subprocess or shell execution found
Environment | READ | READ | ✓ Aligned | payment.py reads the SKILLPAY_USER_ID env var
Skill Invoke | NONE | NONE | | No skill invocation detected
Clipboard | NONE | NONE | | No clipboard access found
Browser | NONE | NONE | | No browser automation found
Database | NONE | NONE | | No database access found
Indicators 2 items (1 High)

🔑 High | API Key | Suspected hardcoded credential
API_KEY = "sk_f03aa8f8bbcf79f7aa11c112d904780f22e62add1464e3c41a79600a451eb1d2"
payment.py:12

🔗 Medium | External URL
https://skillpay.me
payment.py:11

File Tree

8 files · 44.6 KB · 1397 lines
Python: 4 files, 1066 lines · Markdown: 2 files, 301 lines · JSON: 1 file, 19 lines · Text: 1 file, 11 lines
├─ 📁 references
│ └─ 📝 memory-taxonomy.md Markdown 175L · 3.9 KB
├─ 📁 scripts
│ ├─ 🐍 memory_compressor.py Python 298L · 10.3 KB
│ ├─ 🐍 memory_search.py Python 319L · 11.5 KB
│ └─ 🐍 memory_store.py Python 307L · 10.0 KB
├─ 📋 _meta.json JSON 19L · 437 B
├─ 🐍 payment.py Python 142L · 5.2 KB
├─ 📄 requirements.txt Text 11L · 191 B
└─ 📝 SKILL.md Markdown 126L · 3.1 KB

Dependencies 1 item

Package | Version | Source | Known Vulns | Notes
python-dateutil | >=2.8.0 | pip | No | Minimum version specified only (a lower bound, not a pin, so the resolved version can change between installs)

Security Positives

✓ No subprocess or shell execution detected (no direct command-execution path found)
✓ No credential harvesting from environment variables for exfiltration
✓ No base64-encoded or obfuscated code found
✓ Dependencies have version constraints (python-dateutil>=2.8.0), though only as a lower bound rather than a pin
✓ No attempts to access ~/.ssh, ~/.aws, or other sensitive credential paths
✓ No reverse shell, C2, or data theft patterns detected
✓ No hidden functionality beyond the declared memory management features (the billing call to skillpay.me in payment.py is the one component outside that scope; see the Network row above)