Plugin v0.1.1
ClawScan security
Memok AI Memory · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 21, 2026, 3:55 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The plugin's code, docs, and runtime instructions are coherent with a local-memory (memok-ai) OpenClaw plugin: it persists transcripts to a local SQLite, injects candidate memories into system context, and optionally runs a scheduled 'dreaming' pipeline that calls an LLM — nothing here requests unrelated credentials or unexplained capabilities.
- Guidance
- What to consider before installing:
  - Review the install scripts before running the curl|bash or irm|iex one-liners (they pull raw scripts from GitHub/Gitee and execute them). If you prefer, git-clone the repo and run the install steps manually.
  - The plugin will persist conversation transcripts to a local SQLite (default ~/.openclaw/extensions/memok-ai/memok.sqlite) and writes temporary debug files under /tmp; if this is sensitive data, run in an isolated environment or change paths/permissions.
  - The plugin can read/write OPENAI_* / MEMOK_LLM_MODEL settings and will use any API key you provide (including for scheduled 'dreaming' jobs) — ensure you trust the key and accept any potential API costs.
  - If you want tighter control, set MEMOK_KEEP_SOURCE=1 or install from a vetted local copy (or set MEMOK_CORE_GIT_URL to a repository you inspected), and consider running the gateway with limited permissions or in a sandbox for initial evaluation.
  - If you have concerns about logs or debug files, inspect the plugin source (it's included in the package) to confirm behavior and adjust config (persistTranscriptToMemory, dreamingPipelineScheduleEnabled) accordingly.
Review Dimensions
- Purpose & Capability
- ok: Name/description (Memok AI Memory) match the code and SKILL.md: the package persists transcripts to a local SQLite memok DB, samples candidate lines, exposes recall/report tools, and provides a setup wizard. Dependencies (memok-ai, better-sqlite3 via the core) and files (plugin, config templates) are appropriate for this purpose.
- Instruction Scope
- note: SKILL.md and plugin code stay inside the stated scope (setup, config, persist/recall, dreaming). However the README/INSTALL recommends running remote install scripts via curl|bash (GitHub/Gitee raw URLs) — a convenience but a higher‑risk install step. Also the runtime will persist conversation text to a local SQLite and will write debug dumps (/tmp memok-ai-input-*.txt) and log prefixes/suffixes of persisted text, which are privacy-relevant behaviors the user should know about.
- Install Mechanism
- note: There is no packaged install spec in the registry metadata, but the README provides one-liner installers that download and execute raw scripts from GitHub/Gitee raw URLs (bash <(curl -fsSL ...) and irm | iex). Those raw URLs are standard hosts (GitHub/Gitee) and the repo contains install scripts, but download-and-exec is inherently higher risk than a purely packaged installer; review the scripts before running or install from a cloned repository if you prefer.
- Credentials
- note: The plugin reads/writes LLM-related env/config (OPENAI_API_KEY, OPENAI_BASE_URL, MEMOK_LLM_MODEL) and offers UI fields to map secrets into the gateway config — this is proportional to a plugin that calls LLMs. The skill does not request unrelated cloud credentials. Be aware that providing an API key enables the plugin (and its scheduled dreaming) to make outbound calls and could incur cost.
- Persistence & Privilege
- note: The plugin writes config (~/.openclaw/extensions/memok-ai/config.toml), the SQLite DB at the configured path, may copy seed DBs, creates temporary debug files under /tmp, and can register a cron-like 'dreaming' task that invokes the LLM autonomously. always:false (not force-included) is appropriate, but users should be aware it will store transcripts locally and can run scheduled jobs that use provided API keys.
