Engram

v0.2.1

Persistent semantic memory layer for AI agents. Local-first storage (SQLite+LanceDB) with Ollama embeddings. Store and recall facts, decisions, preferences, events, relationships across sessions. Supports memory decay, deduplication, typed memories (5 types), memory relationships (7 graph relation types), agent/user scoping, semantic search, context-aware recall, auto-extraction from text (rules/LLM/hybrid), import/export, REST API, MCP protocol. Solves context window and compaction amnesia. Server at localhost:3400, dashboard at /dashboard. Install via npm (engram-memory), requires Ollama with nomic-embed-text model.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The described purpose (local semantic memory with embeddings, search, recall, REST API) matches the commands and features documented in SKILL.md (engram CLI, local server, Ollama embeddings). However, the platform metadata shown with the skill claims no required binaries or environment variables, while SKILL.md explicitly requires an 'engram' binary (npm package engram-memory) and Ollama + the nomic-embed-text model — an inconsistency in declared requirements and the runtime instructions. Source/homepage for the npm package is also missing, so the provenance of the engram CLI is unclear.
! Instruction Scope
SKILL.md mandates a 'Boot Sequence (MANDATORY)': run `engram search "<current task context>"` on every session start, meaning the agent will automatically send session/task context to the local memory service. The docs also instruct auto-extraction from arbitrary text and explicitly list storing 'credentials' among storable facts. Those instructions can cause sensitive secrets and arbitrary context to be persisted into a local DB and served to agents later. While this is functionally consistent with a memory service, it is high-risk behavior if not tightly controlled (no automatic redaction/encryption described).
Install Mechanism
The skill is instruction-only (no install spec in platform), but SKILL.md instructs the user to install via npm (engram-memory), brew install ollama, and pull a model. These are standard package sources (npm, Homebrew, Ollama) rather than arbitrary URLs, which lowers technical risk. Caveats: the npm package and its provenance/homepage are not provided in the metadata; the brew command is macOS-specific and there is no Windows/Linux guidance; all installs are manual and would run code from third-party registries.
Credentials
The skill declares no required environment variables or primary credential, and SKILL.md primarily uses a local Ollama endpoint and optional 'openai' provider in config. That is proportionate for an embedding-backed memory layer. However, the instructions encourage storing arbitrary facts (including 'credentials' and other sensitive items) into local storage (~/.engram) and exposing them via a local REST API and dashboard. The absence of declared env/credential requirements is inconsistent with the risk of sensitive-data persistence and with the configuration paths mentioned in SKILL.md.
! Persistence & Privilege
The skill is not marked always:true, but SKILL.md's 'MANDATORY' boot step asks the agent to run a search on every session start — effectively imposing persistent behavior (automatic queries and local server usage) without platform-level gating. The skill also instructs running a local server (http://localhost:3400) and dashboard. Combined with autonomous invocation (default), this increases the blast radius if secrets are stored or if the local server is misconfigured. The skill does not claim to modify other skills' configs, but the mandatory boot behavior is a scope-creep/privacy concern.
What to consider before installing
This skill appears to be a local-first memory layer and its commands/instructions align with that goal, but take these precautions before installing or enabling it:
1) Verify the provenance of the 'engram-memory' npm package (author, repository, checksum) and only install from a trusted source.
2) Be cautious about the SKILL.md 'MANDATORY' boot step — it instructs the agent to run an automatic search using the current task context on every session start; disable or modify this behavior if you do not want context automatically sent to the memory service.
3) Assume the system will persist anything you add (the docs explicitly mention storing 'credentials'); never ingest secrets or sensitive tokens unless you have encryption/audit controls and isolation in place.
4) Secure the local server/dashboard (localhost is safer than public host, but ensure it's bound to localhost only and access is restricted).
5) Consider using explicit retention/decay/deduplication settings and enable export/encryption of backups before allowing automated ingestion.
6) If you need higher assurance, request the upstream source code or a vetted package repository and a privacy/security whitepaper from the author; absence of a homepage/repository is a red flag.
7) If unsure, classify this as high-risk for sensitive contexts and run only in an isolated environment or container.

Like a lobster shell, security has layers — review code before you run it.

Tags: ai-agent · latest · local-first · memory · semantic-search
