Agent Memory Architecture
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: afrexai-agent-memory
Version: 1.0.0
The skill bundle provides a comprehensive, zero-dependency, file-based memory management system for AI agents. The `SKILL.md` file contains detailed instructions for the agent on how to structure, read, write, and maintain its internal memory files. Crucially, it includes a 'Security Rules' section explicitly warning the agent not to store sensitive data like API keys or passwords in its memory files, and recommends referencing external secrets managers instead. All file operations described are confined to the agent's internal workspace for memory management, and there are no instructions for data exfiltration, unauthorized remote execution, persistence mechanisms, or other malicious activities. The external links in `README.md` are for marketing other products by the same vendor and do not indicate malice within this skill.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or inaccurate details written into memory files can persist and influence future agent behavior.
The skill is designed to persist user and project context across sessions, including personal preferences, relationships, goals, and business information.
MEMORY.md ← Long-term curated memory (the brain) ... About [Human] - Name, preferences, timezone, communication style ... Key relationships, roles, goals
Keep these files in a private workspace, review them regularly, avoid secrets, and delete or correct sensitive or inaccurate entries.
Memory files may change during scheduled or automatic maintenance, and those changes can affect later sessions.
The README describes automated maintenance during agent wake-ups, which could update persistent memory outside a direct user command if the host environment supports such heartbeats.
Heartbeat Integration — automated memory maintenance during agent wake-ups
Enable heartbeat-style maintenance only if desired, keep changes reviewable, and periodically inspect the generated memory files.
If the original file contains a real secret rather than an example placeholder, it would indicate poor credential hygiene, though no user credential access is shown.
The static scan reports a possible exposed API key literal, but the supplied evidence is redacted and no code or instructions show use of credentials.
- API key: [REDACTED]
Inspect the original SKILL.md line, remove any real secret, and use clearly fake placeholders in documentation.
