Scan Report
0 /100
memory-keeper
Memory management skill that prevents AI amnesia after /new resets using a 3-tier (hot/warm/cold) filesystem-based loading system
A purely filesystem-based memory management skill with no network, shell, credential, or external-service access. All behavior is fully declared in SKILL.md with zero hidden functionality.
Safe to install
This skill is safe to use. No action required.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | All filesystem ops (read/write tasks.md, journals, MEMORY.md, dream-state.json) … |
| Network | NONE | NONE | — | No network calls in any code; README explicitly states '纯文件系统,无需外部服务' |
| Shell | NONE | NONE | — | Bash snippets in SKILL.md are for manual one-time setup only; no automated shell… |
| Environment | NONE | NONE | — | No access to os.environ; skill rule explicitly forbids recording secrets/tokens … |
| Skill Invoke | NONE | NONE | — | No cross-skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser access |
| Database | NONE | NONE | — | No database access; all state stored in plain-text Markdown/JSON files under ~/.… |
4 findings
Medium External URL 外部 URL
https://img.shields.io/badge/License-MIT-yellow.svg README.md:3 Medium External URL 外部 URL
https://opensource.org/licenses/MIT README.md:3 Medium External URL 外部 URL
https://img.shields.io/badge/version-1.2.1-blue README.md:4 Medium External URL 外部 URL
https://img.shields.io/badge/author-爱兔%20aitu-orange README.md:5 File Tree
2 files · 15.6 KB · 474 lines Markdown 2f · 474L
├─
README.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ All filesystem operations are fully declared in SKILL.md — no hidden behavior
✓ No network, shell, credential, or external-service access of any kind
✓ Explicit security rule forbids recording secrets, tokens, or credentials in tasks or journals
✓ README.md explicitly states '纯文件系统,无需外部服务' (pure filesystem, no external services)
✓ Bash snippets are for one-time manual setup only, not automated execution
✓ No base64, eval, curl|bash, subprocess, or other high-risk patterns present
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env, etc.)
✓ No third-party dependencies — no pip/requirements.txt/package.json risk
✓ Memory drift correction principle is well-designed: contradictions are rewritten, not stacked