The Agent Skills Directory

[SAFE]: The skill functions exclusively within the local filesystem, specifically targeting the ~/.openclaw/workspace/memory directory. It does not perform network requests or attempt to exfiltrate data to external servers.- [SAFE]: The provided scripts (init.sh, detect.sh, snapshot.sh, etc.) use standard system utilities like grep, find, mv, and cat to perform intended memory management tasks. No evidence of malicious command injection or privilege escalation was found.- [SAFE]: The skill does not contain any obfuscated code, hidden instructions (such as zero-width characters or base64-encoded payloads), or hardcoded credentials.- [SAFE]: Indirect Prompt Injection Surface: The skill reads and processes local memory files which could contain untrusted data. Ingestion points include search.sh and snapshot.sh, which output file content to the agent context. Capability inventory includes local file manipulation via mv, cp, and cat. While boundary markers are not explicitly used in the output, the risk is inherent to the tool's purpose and is mitigated by the local-only execution scope and line-count limits in search results.

memory-manager