MindClaw
v0.3.1Structured long-term memory for AI agents with fact curation, conflict detection, importance scoring, timeline reconstruction, and OpenClaw integration.
⭐ 1· 266·3 current·3 all-time
byWouldyou@blue8x
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (structured long-term memory for agents, OpenClaw integration) match the code and CLI features (SQLite store, BM25 search, Ollama semantic support, sync to OpenClaw MEMORY.md). However there are small metadata inconsistencies (registry lists no homepage/source while SKILL.md and other files reference different GitHub repos: Blue8x/MindClaw vs Blue8x/Clawtion), which reduces confidence in provenance.
Instruction Scope
Runtime instructions and code explicitly read/write user files: ~/.mindclaw/config.json, a DB under ~/.mindclaw, and OpenClaw workspace files (~/.openclaw/workspace/MEMORY.md). The tool also auto-registers itself with other runtimes (Claude Desktop and OpenClaw) by modifying their config files. The capture rules will scan conversation text for credential-like patterns and attempt to redact them, but the capability to detect/store redacted credential context is present — this increases the risk of sensitive data being processed and persisted unintentionally.
Install Mechanism
No install spec bundled in the registry; SKILL.md instructs using pip install mindclaw[mcp], which is a normal delivery mechanism. The bundle includes full source/pyproject making local inspection possible. No network downloads from obscure URLs are required by the instructions. The mismatch in repository names/URLs (Clawtion vs MindClaw) is a provenance anomaly to check before pip installing from an external registry.
Credentials
The skill does not require secrets or external credentials to function, and declares no required env vars, but supports MINDCLAW_DB / MINDCLAW_AGENT / MINDCLAW_OPENCLAW_WORKSPACE overrides and may auto-detect a local Ollama instance. The capture engine looks for credential-like text in conversation streams (and redacts values) — that behavior is plausible for a memory tool but is sensitive and should be considered when granting agents access to conversation logs. The tool also edits other apps' config files (Claude Desktop, OpenClaw) to register itself — those actions need explicit user consent.
Persistence & Privilege
The skill persists long-term data (~/.mindclaw/config.json, SQLite DB) which is expected. However it also offers automated registration that updates other tools' configuration (Claude Desktop and OpenClaw tools registries). Modifying other tools' configs is out-of-scope for a simple memory store and increases privilege/persistence surface; verify exactly what files are changed and that you consent to those changes.
Scan Findings in Context
[pre-scan] unexpected: No static regex-based pre-scan findings were reported. That does not imply safety — the package contains code that writes config files and edits other tool registries, which are behavioral risks rather than pattern-matched signatures.
What to consider before installing
Before installing or enabling MindClaw, consider the following: 1) Verify provenance: confirm the pip package and GitHub repository are the official project (metadata in files references multiple repo names — resolve that mismatch). 2) Backup OpenClaw/agent files (MEMORY.md, ~/.openclaw/tools.json, Claude Desktop config) because MindClaw's setup/mcp install will modify those files. 3) Audit the mcp install/setup code paths (mcp_server.py and CLI install handlers) to see precisely what files they modify and whether they call external endpoints. 4) If you accept automatic registration, run setup interactively rather than allowing an agent to call setup_mindclaw without human approval. 5) Be cautious about feeding conversation logs to auto-capture: the capture rules detect credential-like strings (they attempt to redact values but still store context) — do not pass secrets into capture or disable auto-capture for sensitive streams. 6) Prefer testing in a sandbox / VM or with a non-production OpenClaw workspace and a disposable agent namespace until you are satisfied with behavior.Like a lobster shell, security has layers — review code before you run it.
agent-toolvk978fhhamtzgy3b8j1p1mpgstx8266r7knowledge-graphvk978fhhamtzgy3b8j1p1mpgstx8266r7latestvk978fhhamtzgy3b8j1p1mpgstx8266r7mcpvk978fhhamtzgy3b8j1p1mpgstx8266r7memoryvk978fhhamtzgy3b8j1p1mpgstx8266r7openclaw-nativevk978fhhamtzgy3b8j1p1mpgstx8266r7
License
MIT-0
Free to use, modify, and redistribute. No attribution required.