memory-lancedb-pro

github.com/clawhub.ai/memory-lancedb-pro-skill-main

Verdict: Do not install

11 critical0 high1 medium

SCORE 0 / 100

$skillox install memory-lancedb-proSoon

Why grade F?

score · 0 / 100

The current grade reflects 11 critical findings (any 2+ CRITs → F).

11 CRIT0 HIGH1 MED0 LOW

To reach a higher grade

D
Reach Dtarget score 30
Resolve 10 of your 11 CRIT findings — any single CRIT still keeps you at D.
C
Reach Ctarget score 55
Resolve all 11 CRIT findings.
B
Reach Btarget score 75
Resolve all 11 CRIT.
A
Reach Atarget score 95
Resolve all 11 CRIT.

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Latest scan findings

Scan crawl-gbrrcc4wma3g5ruz7q4rpa7u · Thu, 28 May 2026 16:20:55 GMT · 6ms

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 175CWE-200

▾

173 "extractMaxChars": 8000,

174 "llm": {

175 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

176 "model": "gpt-4o-mini",

177 "baseURL": "https://api.openai.com/v1"

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 216CWE-200

▾

214 "extractMaxChars": 8000,

215 "llm": {

216 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

217 "model": "gpt-4o-mini",

218 "baseURL": "https://api.openai.com/v1"

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 242CWE-200

▾

240{

241 "embedding": {

242 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

243 "model": "text-embedding-3-small",

244 "baseURL": "https://api.openai.com/v1"

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 253CWE-200

▾

251 "extractMaxChars": 8000,

252 "llm": {

253 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

254 "model": "gpt-4o-mini",

255 "baseURL": "https://api.openai.com/v1"

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 694CWE-200

▾

6921. **Gateway restart required after any change**: After installing, enabling, disabling, updating, or changing config in `openclaw.json`, you MUST run `openclaw gateway restart` — changes are NOT hot-reloaded.

6932. **Workspace plugins are DISABLED by default**: After git clone, you MUST add `plugins.allow: ["memory-lancedb-pro"]` AND `plugins.entries.memory-lancedb-pro.enabled: true` — without these the plugin silently does not load.

6943. **Env vars in gateway process**: `${OPENAI_API_KEY}` requires env vars set in the *OpenClaw Gateway service* process—not just your shell.← references ${OPENAI_API_KEY} — potential credential leak

6954. **Absolute vs. relative paths**: For existing deployments, always use absolute paths in `plugins.load.paths`.

6965. **`baseURL` not `baseUrl`**: The embedding (and llm) config field is `baseURL` (capital URL), NOT `baseUrl`. Using the wrong casing causes a schema validation error: "must NOT have additional properties". Also note the required `/v1` suffix: `http://localhost:11434/v1`, not `http://localhost:11434`. Do not confuse with `agents.defaults.memorySearch.remote.baseUrl` which uses a different casing.

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 750CWE-200

▾

748| `memory-lancedb-pro: plugin not found` / plugin silently not loading | `plugins.allow` missing (git-clone install) or `enabled: false` | Add `plugins.allow: ["memory-lancedb-pro"]` and set `enabled: true`, then restart |

749| `Unknown plugin id` validation error | Plugin referenced in `entries`/`slots` before it's discoverable | Install/register the plugin first, then add config references |

750| `${OPENAI_API_KEY}` not expanding / auth errors despite env var set | Env var not set in the **gateway process** environment | Set the env var in the service that runs OpenClaw gateway, not just your shell |← references ${OPENAI_API_KEY} — potential credential leak

751| Hooks (`before_agent_start`, `agent_end`) not firing | Gateway not restarted after install/config change | Run `openclaw gateway restart` |

752| Embedding errors with Ollama | Wrong `baseURL` format | Must be `http://localhost:11434/v1` (with `/v1`), field must be `baseURL` not `baseUrl` |

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 766CWE-200

▾

764 "embedding": {

765 "provider": "openai-compatible",

766 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

767 "model": "text-embedding-3-small"

768 },

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 803CWE-200

▾

801 "enableManagementTools": false,

802 "llm": {

803 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

804 "model": "gpt-4o-mini",

805 "baseURL": "https://api.openai.com/v1"

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 855CWE-200

▾

853 "smartExtraction": true,

854 "llm": {

855 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

856 "model": "gpt-4o-mini",

857 "baseURL": "https://api.openai.com/v1"

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 1177CWE-200

▾

1175 "extractMaxChars": 8000,

1176 "llm": {

1177 "apiKey": "${OPENAI_API_KEY}",← references ${OPENAI_API_KEY} — potential credential leak

1178 "model": "gpt-4o-mini"

1179 }

crit

Skill references secret env var ${OPENAI_API_KEY}

The skill instructions reference `${OPENAI_API_KEY}`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.

rule: env-var-harvestingline: 1186CWE-200

▾

1184```json

1185{

1186 "embedding": { "apiKey": "${OPENAI_API_KEY}", "model": "text-embedding-3-small" },← references ${OPENAI_API_KEY} — potential credential leak

1187 "smartExtraction": true

1188}

med

No capability manifest declared

The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.

rule: no-manifest

▾

View latest scan →

skillox.io/c/memory-lancedb-pro

Skill facts

Latest grade: F · 0
Total scans: 1
Latest version: —
Last scanned: 2026-05-28
Source: clawhub.ai/memory-lancedb-pro-skill-main

AIBOM

What this skill accesses

No manifest

Declared (from capabilities)

No capabilities block in frontmatter — the skill doesn't state what it should access.

Observed (from scan findings)

Nothing observed in the body.

AIBOM (Application Skills Bill of Materials) — see /docs/concepts/aibom for the format.

Version history

Only this scan

No other scans on record for this skill name. New scans appear here as the catalog re-crawls or creators request a re-scan.

Embed badge

Show this grade in your README.

Tracks the latest grade automatically. Updates within five minutes of every re-scan.

Markdown

[![SkillOx grade](https://api.skillox.io/badge/memory-lancedb-pro.svg)](https://skillox.io/c/memory-lancedb-pro)

Markdown · score

[![SkillOx score](https://api.skillox.io/badge/score/memory-lancedb-pro.svg)](https://skillox.io/c/memory-lancedb-pro)

HTML

<a href="https://skillox.io/c/memory-lancedb-pro"><img src="https://api.skillox.io/badge/memory-lancedb-pro.svg" alt="SkillOx grade"/></a>

reST

.. image:: https://api.skillox.io/badge/memory-lancedb-pro.svg
   :target: https://skillox.io/c/memory-lancedb-pro
   :alt: SkillOx grade

Coming soon

Creator verification badge, expert-review status, and Cosign-signed release attestation appear here as those layers ship. AIBOM + version history are live; the others follow once the creator portal completes its identity-proof + signing surface.