maasv Memory
ReviewAudited by ClawScan on May 1, 2026.
Overview
This is a coherent memory skill, but it intentionally stores and recalls long-term memories and may send memory-related data to the AI providers you configure.
Before installing, confirm you are comfortable with automatic long-term memory capture and recall. Prefer local providers for sensitive information, protect any API keys in the `.env` file, and review the referenced PyPI/npm packages before adding them to your OpenClaw setup.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your conversations may be summarized, stored long-term, and brought back into future agent sessions.
The skill intentionally creates persistent memory and reuses it in future agent context, which is core to its purpose but can retain sensitive information or influence later answers if memories are inaccurate.
**autoCapture** sends conversation summaries to your local maasv server for entity extraction... **autoRecall** reads from your local SQLite database and injects relevant memories into the agent's context.
Use autoCapture and autoRecall intentionally, avoid storing secrets, periodically review or delete memories, and verify recalled memories before relying on them.
Depending on provider choice, conversation summaries or memory content may be processed by Anthropic, OpenAI, or Voyage under your account.
The artifact clearly discloses provider calls for LLM and embedding functions; if cloud providers are used, memory-related content may leave the local machine.
The only external calls are to your own LLM/embedding provider (Anthropic, OpenAI, Voyage) — using your own API keys, from your own machine. If you use `ollama`, zero data leaves your machine.
Use local Ollama/local LLM settings for sensitive memory, or review the chosen provider's privacy, retention, and billing policies before enabling cloud-backed extraction or embeddings.
Misconfigured or exposed API keys could allow unwanted provider usage or costs.
The skill requires or optionally uses provider API keys and a server API key; this is expected for the integration but gives the local server access to billable external services.
`MAASV_ANTHROPIC_API_KEY`... `MAASV_OPENAI_API_KEY`... `MAASV_VOYAGE_API_KEY`... `MAASV_API_KEY`
Use separate, least-privileged provider keys where possible, keep the `.env` file private, monitor usage, and enable `MAASV_API_KEY` if exposing the server beyond a trusted local setup.
Installing the skill setup will add third-party server and plugin code to the local environment.
The setup relies on external PyPI and npm packages rather than code included in the skill artifact; this is normal for an integration but is a supply-chain dependency users should trust before installing.
pip install "maasv[server,anthropic,voyage]" ... openclaw plugins install @maasv/openclaw-memory
Install from the linked official package pages, review package/source provenance, and pin known-good versions if you need reproducible installs.