Agent Progressive Memory
PassAudited by ClawScan on May 14, 2026.
Overview
This instruction-only skill is mostly a scoped protocol for limiting group-memory access, but users should notice that it can read and update persistent team memory.
This skill appears safe to install as an instruction-only memory protocol. Before using it, make sure the group memory files are trusted, access-controlled, and reviewed, because they can shape future agent behavior and may contain team or contact information.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the group memory is inaccurate or edited by an untrusted party, the agent may follow misleading project rules or load the wrong context.
The agent is instructed to load persistent group memory that includes rules and routing information, so stored memory content can influence future behavior.
`memory_get("memory/groups/{group_id}.md")` | Hard Rules + 路由索引表Keep group memory files editable only by trusted users, review the index periodically, and treat stored 'Hard Rules' as contextual guidance rather than authority over user or system instructions.
Incorrect or premature memory updates could carry forward into future conversations and influence later decisions.
The protocol includes persistent memory write-backs, which can affect what the agent remembers and reuses in later group/project sessions.
新决策 → 追加 `experience.md`; 任务状态变化 → 更新 `attention.md`; 索引文件只增不删
Confirm important memory updates with the user or team, keep an audit trail, and correct or deprecate stale entries when decisions change.
The agent may access sensitive team information when a task requires people or approval context.
The memory structure may include personal or organizational information such as roles, approval processes, and contact details.
P3 | `people.md` | 人员角色、审批流程、联系方式 | 需要找人的时候
Avoid storing unnecessary personal data, restrict access to group memory, and ensure users understand when people/contact memory may be loaded.