by 安全扫描
OpenClaw
可疑
medium confidenceNULL
评估建议
This skill generally does what it says (tracks and escalates recurring error patterns), but review these points before installing:
- ACC_MODELS risk: The scripts call whatever CLI commands you list in ACC_MODELS and append conversation text as an argument. If ACC_MODELS contains networked tools (curl, http clients) or untrusted binaries, your transcripts can be exfiltrated. Before running, set ACC_MODELS to only trusted, vetted model CLIs (e.g., a local Ollama command or an official provider CL...详细分析 ▾
ℹ 用途与能力
The scripts implement error detection, logging, escalation, calibration, and resolution exactly as the description claims (reading transcripts, pattern matching, LLM screening, state files under ~/.openclaw/workspace/memory). This functionality is coherent with the skill name and description. Minor mismatch: registry metadata requires 'jq' but most shipped scripts use python3; jq is not obviously needed in the visible files.
⚠ 指令范围
Runtime instructions and scripts read session transcripts (~/.openclaw/agents/.../sessions and ~/.openclaw/sessions) and send extracted exchanges to model CLIs configured by ACC_MODELS for classification. That networked LLM invocation is consistent with purpose but is a privacy/exfiltration vector: ACC_MODELS is treated as a comma-separated list of arbitrary CLI commands and each command is invoked with the conversation prompt appended. If ACC_MODELS points to a network-capable CLI (curl, http client, or any custom program), transcripts (user messages) can be sent to external endpoints. The skill also writes persistent state files and logs in the workspace, which is expected behavior.
✓ 安装机制
There is no remote install/download step — the repo provides an install.sh and multiple local scripts that create and update state files. No external archive or IP/shortened URL downloads are used in the provided files. install.sh only creates workspace files and prints a cron command for the user to add; it does not automatically register a system cron by itself.
⚠ 凭证需求
Registry metadata lists no required env vars, but the runtime expects and uses several environment variables (ACC_MODELS, WORKSPACE, AGENT_ID, possibly others). In particular, ACC_MODELS (not declared in requires.env) controls which CLI commands are invoked with user transcripts. That is a significant discrepancy: an undeclared env var determines external endpoints (via whatever CLI is supplied). The skill requests no credentials, which is appropriate, but the undeclared ACC_MODELS and the ability to call arbitrary CLIs is a proportionality and transparency concern.
ℹ 持久化与权限
The skill writes persistent state (acc-state.json, learned-patterns.json, brain-events.jsonl, watermark files) into the user's workspace and can be scheduled via a cron job (the installer prints the cron command but does not add it silently). It does not request always:true or modify other skills. Autonomous invocation (disable-model-invocation=false) is the platform default — combined with the above ACC_MODELS issue, this increases risk because scheduled/automated runs could repeatedly send transcripts to configured CLIs without per-run approval.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/2/12
NULL
● 可疑
安装命令
点击复制官方npx clawhub@latest install acc-error-memory
镜像加速npx clawhub@latest install acc-error-memory --registry https://cn.longxiaskill.com