Per Agent Compression Universal
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Review before installing: it sets up persistent scheduled jobs that automatically read and rewrite each agent's long-term memory from personal notes.
Install only if you want all discovered agents' old daily notes to be processed automatically on a weekly schedule. Before running it, back up agent workspaces, confirm the delivery recipient, consider limiting which agents and notes are included, and plan to review or roll back changes to USER.md, IDENTITY.md, SOUL.md, and MEMORY.md manually if needed.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Weekly jobs can keep running and changing agent memory files until the user notices or removes the tasks.
The installer embeds autonomous instructions into scheduled per-agent tasks, creating background behavior that continues after installation.
MSG_FULL="AUTONOMOUS: Weekly per-agent memory consolidation for '$agent_id'... Execute without waiting."
Require explicit confirmation, allow selecting which agents are included, show the created cron jobs, and document that uninstall removes tasks but not prior memory edits.
Sensitive, incorrect, or prompt-injected content from old notes could become persistent context that influences future agent behavior.
The task converts daily notes into persistent long-term memory/profile files, including personal traits and preferences, without requiring user approval of extracted facts.
Read full content (entire daily note) ... Append to targets ... USER.md ... IDENTITY.md ... SOUL.md ... MEMORY.md ... User Traits & Self-Profile
Add a preview/diff and approval step, support exclusions and redaction, back up target files before appending, and periodically review the resulting memory files.
Installing with a privileged OpenClaw account can affect every discovered agent, not just one selected workspace.
The installer uses the current OpenClaw authority to enumerate all agents with workspaces before creating per-agent jobs.
AGENTS_JSON=$(openclaw agents list --json 2>&1) ... select(.workspace != null)
Run from an account with appropriate scope and consider modifying the installer to target only the agents you intend to include.
Completion/failure summaries may reveal that memory compression ran and how many notes were processed, though the artifacts do not show note contents being sent.
The skill sends task announcements through a configured external delivery connector and recipient.
DELIVERY_CHANNEL="${DELIVERY_CHANNEL:-dingtalk-connector}" ... DELIVERY_TO ... "Delivery: channel=$DELIVERY_CHANNEL, to=$DELIVERY_TO"Use a trusted recipient/channel and avoid configuring shared chat targets for private agent memory workflows.
Users may not realize from the registry metadata alone that setup involves running shell scripts and relying on OpenClaw CLI/jq.
The registry metadata under-declares the visible installer-style behavior and dependencies described in the artifacts.
No install spec — this is an instruction-only skill. ... Required binaries ... none
Review install.sh before running it, ensure required binaries are present, and prefer updated metadata that declares the installer and dependencies.