smart-memory Security Audit Report
smart-memory is an AI agent skill, created by bluepointdigital and published at openclaw/skills. ClawSecure audited smart-memory across 24 files through the 3-Layer Audit Protocol covering all ten OWASP ASI Top 10 categories, assigning a security score of 0/100 (High Risk). The 16 findings concentrate in Malicious Code, Code Injection and Policy Violation, including Detects system manipulation, privilege escalation, and destructive file... and Attempts to access sensitive file: MEMORY.md. 14 were rated high or critical severity.
Is smart-memory safe?
ClawSecure audited smart-memory and assigned a security score of 0/100 (High Risk), identifying 16 findings across Malicious Code and Code Injection. Review the findings below before installing.
What did ClawSecure find in smart-memory?
ClawSecure identified 16 findings in smart-memory, concentrated in Malicious Code, Code Injection and Policy Violation. 14 were rated high or critical severity. The most severe include Detects system manipulation, privilege escalation, and destructive file... and Attempts to access sensitive file: MEMORY.md.
How was smart-memory audited?
ClawSecure ran smart-memory through its 3-Layer Audit Protocol with full OWASP ASI Top 10 coverage, scanning 24 files from openclaw/skills.
What does a score of 0 mean?
ClawSecure assigned smart-memory a security score of 0/100, placing it in the High Risk range. This is driven by 16 findings led by Malicious Code that should be addressed before use. ClawSecure derives this score with a weighted deduction model (critical -20, high -10, medium -5, low -2 from a base of 100).
Audit Findings for smart-memory
ClawSecure detected 16 security findings in smart-memory, spanning Malicious Code, Code Injection, Policy Violation and Unauthorized Tool Use.
- high · Detects system manipulation, privilege escalation, and destructive file.... Unauthorized Tool Use finding detected in
install.sh:59. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
AGENTS.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
CHANGELOG.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
MEMORY_STRUCTURE.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
README.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
SKILL.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
README.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
focus_agent.js. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
memory.js. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
integration.md. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
smart_memory.js. - high · Attempts to access sensitive file: MEMORY.md. Malicious Code finding detected in
vector_memory_local.js.
Showing the 12 highest-severity of 16 findings. The full interactive list appears below.
3-Layer Audit Protocol
Security Recommendations for smart-memory
Audit external network connections
Eliminate dynamic code execution
Resolve policy violations
Related Security Research
ClawHavoc Explained: The Malware Family Targeting AI Agents→Beyond Static Scans: Why ClawSecure Verifies Agentic Intent→Related AI Agent Security Audits
Scanned on February 7, 2026. smart-memory is one of thousands of agents audited by ClawSecure from the community-curated awesome-openclaw-skills list and the openclaw/skills repository.