memory-keeper 安全扫描报告 — 可信 | ClawSafe

0 /100

memory-keeper

Memory management skill that prevents AI amnesia after /new resets using a 3-tier (hot/warm/cold) filesystem-based loading system

A purely filesystem-based memory management skill with no network, shell, credential, or external-service access. All behavior is fully declared in SKILL.md with zero hidden functionality.

技能名称memory-keeper

分析耗时22.4s

引擎pi

✓

可以安装

This skill is safe to use. No action required.

资源类型	声明权限	推断权限	状态	证据
文件系统	`WRITE`	`WRITE`	✓ 一致	All filesystem ops (read/write tasks.md, journals, MEMORY.md, dream-state.json) …
网络访问	`NONE`	`NONE`	—	No network calls in any code; README explicitly states '纯文件系统，无需外部服务'
命令执行	`NONE`	`NONE`	—	Bash snippets in SKILL.md are for manual one-time setup only; no automated shell…
环境变量	`NONE`	`NONE`	—	No access to os.environ; skill rule explicitly forbids recording secrets/tokens …
技能调用	`NONE`	`NONE`	—	No cross-skill invocation
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser access
数据库	`NONE`	`NONE`	—	No database access; all state stored in plain-text Markdown/JSON files under ~/.…

4 项发现

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/License-MIT-yellow.svg

README.md:3

🔗

中危外部 URL 外部 URL

https://opensource.org/licenses/MIT

README.md:3

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/version-1.2.1-blue

README.md:4

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/author-爱兔%20aitu-orange

README.md:5

目录结构

2 文件 · 15.6 KB · 474 行

Markdown 2f · 474L

├─ 📝 README.md Markdown 121L · 4.2 KB

└─ 📝 SKILL.md Markdown 353L · 11.4 KB

安全亮点

✓ All filesystem operations are fully declared in SKILL.md — no hidden behavior

✓ No network, shell, credential, or external-service access of any kind

✓ Explicit security rule forbids recording secrets, tokens, or credentials in tasks or journals

✓ README.md explicitly states '纯文件系统，无需外部服务' (pure filesystem, no external services)

✓ Bash snippets are for one-time manual setup only, not automated execution

✓ No base64, eval, curl|bash, subprocess, or other high-risk patterns present

✓ No sensitive path access (no ~/.ssh, ~/.aws, .env, etc.)

✓ No third-party dependencies — no pip/requirements.txt/package.json risk

✓ Memory drift correction principle is well-designed: contradictions are rewritten, not stacked