OpenClaw Memory Audit
by shingo0620 · v1.1.2
1317 downloads · 0 stars · 3 active installs · 4 versions
Install in OpenClaw
/install openclaw-memory-audit
Description
Scan the agent workspace and memory logs for leaked API keys, tokens, or sensitive credentials. Use when the user requests a security check, a memory audit,...
Usage Guidance
This skill appears to be a simple, local secrets scanner and does not exfiltrate data, but note the following before installing or running it:
- The script only scans files under the workspace path you give it; it does NOT read agent memory stores or in-memory conversation logs even though the SKILL.md mentions 'memory logs'. If you need memory-store scanning, you'll need additional tooling or explicit instructions to the agent to access that store.
- The scanner prints file paths and line numbers for matches (with values masked). Treat the output as sensitive: it reveals where a secret was found even if the secret value is partially redacted.
- The regexes are intentionally broad (e.g., generic 32+/40+ char tokens) and can generate false positives. Review findings manually before revoking credentials.
- Because the tool reads all text files recursively, run it in an environment where the agent is permitted to read the workspace (no unintended mounts). Consider running in a sandbox or with a copy of the workspace if you are concerned about accidental exposure of file metadata.
If you want the skill to actually scan agent memory or a separate logs DB, ask the author to either: (1) document exactly which memory/log store it will access and request only the minimal API/credentials needed, or (2) include code that explicitly reads from that memory store (with clear, auditable behavior).
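The behaviour described in this guidance, as an added sketch (not the skill's own `scan_secrets.py`, whose regexes are not shown on this page): assumed patterns are run over constructed sample text, matches are masked, and all-hex hits of digest length are flagged as probable false positives. The pattern set, function names and sample files are assumptions.

```python
import re

# Assumed patterns for illustration; the skill's actual regexes are not shown on the page.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_40plus": re.compile(r"\b[A-Za-z0-9]{40,}\b"),
}
DIGEST_LENGTHS = {40, 64}  # SHA-1 and SHA-256 hex lengths
HEX = re.compile(r"[0-9a-fA-F]+")


def mask(value):
    """Keep a short prefix for triage and hide the rest."""
    return value[:4] + "****"


def likely_digest(value):
    """Heuristic: an all-hex string of digest length is probably a hash, not a key."""
    return len(value) in DIGEST_LENGTHS and HEX.fullmatch(value) is not None


def scan_text(path, text):
    """Return (path, line_no, pattern, masked_value, likely_false_positive) tuples."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for name, rx in PATTERNS.items():
            for m in rx.finditer(line):
                findings.append((path, line_no, name, mask(m.group()), likely_digest(m.group())))
    return findings


# Constructed sample workspace. The AWS value is the placeholder key ID from AWS documentation.
SAMPLE = {
    "notes/deploy.md": "region: us-east-1\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\n",
    "logs/build.log": "checked out commit 0123456789abcdef0123456789abcdef01234567\n",
}


def scan_workspace(files):
    """Scan every file's text in path order and collect all findings."""
    return [f for path, text in sorted(files.items()) for f in scan_text(path, text)]


if __name__ == "__main__":
    for path, line_no, name, masked, fp in scan_workspace(SAMPLE):
        note = " (looks like a hash, verify before revoking)" if fp else ""
        print(f"{path}:{line_no}: {name} {masked}{note}")
```

Even with the value masked, each output line still names the file and line where the credential sits, which is why the report itself needs the same handling as the workspace.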
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-memory-audit
Version: 1.1.2
The OpenClaw Memory Audit skill is designed for local, read-only scanning of the agent's workspace and memory logs for leaked API keys and credentials. The `SKILL.md` explicitly states its read-only nature and instructs the agent to run a local Python script (`scripts/scan_secrets.py`) and to recommend a recurring audit schedule using OpenClaw's `cron.list()` function, without modifying any configurations. The `scan_secrets.py` script correctly implements this by scanning files for predefined regex patterns, masking any found secrets before printing them to standard output, and making no network calls or system modifications. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts to subvert the agent's intended behavior.
Capability Assessment
Purpose & Capability
Name/description match the code: a Python script walks the workspace and looks for API keys, JWTs, AWS keys, and other long secrets. The only runtime requirement declared (python3) is appropriate for the included script.
Instruction Scope
SKILL.md says the tool scans 'workspace and memory logs' and verifies a recurring audit schedule using cron.list(). The shipped script only walks filesystem files in the provided root directory (workspace) and does not access any agent memory store or memory-log APIs. If you expect it to scan in-memory conversation logs or a separate memory DB, this implementation does not do that. Also the SKILL.md instructs the agent to call cron.list() (an OpenClaw runtime action) which is outside the Python script — that split is fine but is a behavioural mismatch that should be documented clearly.
Install Mechanism
Instruction-only with a small Python script; there is no installer, no external downloads, and no archives being extracted. This is low-risk from an install-mechanism perspective.
Credentials
The skill requests no credentials or environment variables and the script does not read or transmit env vars. There is no indication of unrelated credential access. The patterns the script searches for are broad (may produce false positives) but that is proportional to a secrets scanner.
Persistence & Privilege
The skill does not request permanent/always-included status and does not modify other skills or system configuration. It only runs when invoked.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: `/install openclaw-memory-audit`
- After installation, invoke the skill by name or use `/openclaw-memory-audit`
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.2
Address ClawHub scan concerns: fix documented paths; stop excluding skills/ SKILL.md from scanning; keep excludes minimal; clarify output wording.
v1.1.1
Fix ClawHub suspicious flag: declare runtime requirement (python3), remove accidental dist/*.skill artifact, and clarify scope (local scan only; no credentials; cron recommendation only).
v1.1.0
openclaw-memory-audit 1.1.0
- Added automated verification for recurring audit schedules and recommendations if missing.
- Updated instructions to check cron jobs and prompt users to set a weekly security audit if none exists.
- Improved documentation to clarify both secret scanning and schedule audit workflows.
v1.0.0
Initial release — provides automated security scanning for exposed secrets in the agent's workspace and memory logs.
- Scans for leaked API keys, tokens, and sensitive credentials in text files.
- Specifically detects OpenAI keys, Telegram tokens, JWTs, generic secrets, and AWS credentials.
- Excludes known safe files like openclaw.json from scans.
- Offers step-by-step recommendations if secrets are detected.
Frequently Asked Questions
What is OpenClaw Memory Audit?
Scan the agent workspace and memory logs for leaked API keys, tokens, or sensitive credentials. Use when the user requests a security check, a memory audit,... It is an AI Agent Skill for Claude Code / OpenClaw, with 1317 downloads so far.
How do I install OpenClaw Memory Audit?
Run "/install openclaw-memory-audit" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is OpenClaw Memory Audit free?
Yes, OpenClaw Memory Audit is completely free (open-source). You can download, install and use it at no cost.
Which platforms does OpenClaw Memory Audit support?
OpenClaw Memory Audit is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created OpenClaw Memory Audit?
It is built and maintained by shingo0620 (@shingo0620); the current version is v1.1.2.