Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Memory Pro
v1.0.0Full AI agent memory stack — Mem0 unified memory engine with vector search (Qdrant) and knowledge graph (Neo4j), plus SQLite for structured data. Complete se...
⭐ 0· 630·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The name/description (Mem0 + Qdrant + Neo4j + SQLite) aligns with the included scripts and setup. However the SKILL metadata only declares OPENROUTER_API_KEY while the code expects and uses Qdrant, Neo4j, Langfuse, and optional OPENAI env variables — the metadata understates the actual external services the skill will interact with.
Instruction Scope
SKILL.md instructs running the bundled scripts and a seeding script. The seed script contains many hard-coded facts including an external server IP and infrastructure notes which will be written into the memory store if executed. The runtime scripts also set default Langfuse keys and Neo4j credentials in code and rely on a number of environment variables not declared in the metadata (QDRANT_*, NEO4J_*, OPENAI_API_KEY). Seeding or running 'test' will cause network calls to Qdrant/Neo4j/Langfuse/OpenRouter if those endpoints are reachable.
Install Mechanism
There is no platform install spec, but a provided setup_brain.sh uses pip to install mem0ai[graph], qdrant-client, and other Python packages from PyPI. Installing third‑party libraries is expected for this functionality, but the mem0ai package is a significant runtime dependency that will pull in network-capable code; installing without review increases risk.
Credentials
Metadata declares only OPENROUTER_API_KEY as required, but the code reads/uses multiple environment variables (QDRANT_HOST, QDRANT_PORT, NEO4J_URL, NEO4J_USERNAME, NEO4J_PASSWORD, OPENAI_API_KEY, LANGFUSE_*). The script even hardcodes a default Neo4j password and Langfuse API keys inside memory_engine.py. Requiring only an LLM gateway key while shipping defaults and embedded secrets for other services is disproportionate and surprising.
Persistence & Privilege
The skill does not request 'always: true', does not alter other skills, and writes data under the agent workspace (creates a venv and a DB under ~/.openclaw/workspace). Those actions are typical for a workspace-local memory assistant and are within reasonable scope.
What to consider before installing
This skill is plausible for an agent memory stack but has several red flags you should address before installing or running it: 1) Inspect and remove or rotate the hard-coded LANGFUSE keys and the default Neo4j password in scripts/memory_engine.py — do not trust embedded secrets. 2) The code uses many environment variables (QDRANT_*, NEO4J_*, OPENAI_API_KEY, LANGFUSE_*) even though the registry only lists OPENROUTER_API_KEY; if you don't want the skill contacting those services, do not run the test/seed scripts. 3) seed_mem0.py will insert a set of prewritten facts (including an IP address and infrastructure notes) into the memory — review and edit that file before running to avoid seeding sensitive or external data. 4) Run setup_brain.sh and the scripts in an isolated environment (or container) first, and audit the pip dependencies (mem0ai[graph], qdrant-client, etc.). 5) If you proceed, supply your own credentials via environment variables and change default passwords; disable Langfuse tracing or point it to a trusted host. If you are not comfortable auditing or sandboxing these steps, treat this skill as untrusted.Like a lobster shell, security has layers — review code before you run it.
brainvk979rb7m4vr6d6y3c6wangvsn181724hlatestvk979rb7m4vr6d6y3c6wangvsn181724hmemoryvk979rb7m4vr6d6y3c6wangvsn181724h
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧠 Clawdis
EnvOPENROUTER_API_KEY
Primary envOPENROUTER_API_KEY