Oathe Security Badge

Is skill/brain-v3-skill safe?

https://clawhub.ai/skill/brain-v3-skill

78
CAUTION

ClawBrain is a memory system skill that appears functional but requests concerning permissions including startup hook installation and extensive user behavior tracking. While no immediate malicious behavior was detected, the broad scope and privacy implications warrant caution.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 70/100 · 20%
Clone Behavior 75/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 40/100 · 5%

Findings (4)

MEDIUM Plans to install executable hooks -30

The skill documentation indicates it will install startup hooks to ~/.openclaw/hooks or ~/.clawdbot/hooks that execute JavaScript code on system startup. While no hooks were installed during this audit, this represents potential code execution outside the skill directory.

MEDIUM Broad scope and privacy concerns -60

The skill claims to be a memory system but requests extensive permissions including conversation tracking, mood detection, user profiling, and personality analysis. This broad scope raises privacy concerns and potential for misuse.

LOW External dependency installation -10

The skill requires external pip package installation (clawbrain[all]) which could introduce dependencies not visible in the skill audit.

LOW External repository reference -15

The skill references an external GitHub repository for source code, which could potentially be modified after audit.