MemoryAI
v1.0.0Persistent long-term memory for AI agents. Store, recall, reason, and seamlessly switch sessions with zero context loss.
⭐ 0· 476·3 current·3 all-time
byMV- AI REALITY ENGINE@ch270035
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (persistent agent memory) align with the delivered files and runtime needs. The client CLI talks to a remote /v1 API, and the Context Guard reads OpenClaw session state — both are coherent with the stated purpose. Required binaries (python3) and primary env HM_API_KEY / HM_ENDPOINT are expected.
Instruction Scope
SKILL.md and the CLI instruct the agent to send session conversations and memory payloads to the configured endpoint and to optionally create a background cron job that runs context_check. The context_check script reads OpenClaw's sessions.json and writes a WAL under WORKSPACE/memory/wal.json. These actions are consistent with session handoff and background memory maintenance, but they involve transmitting conversation content and reading local agent session state — review whether you want those artifacts sent to the remote service.
Install Mechanism
No install spec; this is instruction-only with plain Python scripts included. No external downloads or package installs are performed by the skill itself, minimizing injection/install risk.
Credentials
Requested env vars (HM_API_KEY, HM_ENDPOINT, OPENCLAW_DIR, WORKSPACE) are justified: HM_* for API access; OPENCLAW_DIR and WORKSPACE for reading sessions.json and storing WAL. That said, those filesystem envs grant the skill read access to agent session files (sessions.json) and write access to the workspace — privileges you should be comfortable granting because session data and metadata may be sensitive.
Persistence & Privilege
always:false and autonomous invocation default are normal. The skill does not request force-enable or modification of other skills. Context Guard cron creation is documented as opt-in and the skill writes only to its own WAL path under WORKSPACE/memory; still, enabling background cron jobs grants ongoing periodic access to local session state and to the remote endpoint.
Assessment
This skill appears to do what it says: it stores and restores agent context to a remote MemoryAI service and optionally monitors local sessions.json to trigger compaction/handoff. Before installing: 1) Note that conversation content and session context will be POSTed to the configured endpoint (default https://memoryai.dev). If you don't trust that service, point HM_ENDPOINT to a self-hosted instance or do not install. 2) The skill reads OpenClaw's sessions.json and writes a WAL in WORKSPACE/memory — treat this as granting it access to local agent session metadata (and possibly sensitive conversation content if you use handoff). 3) Inspect the two included scripts yourself (they use only Python stdlib), and consider running them in an isolated environment or with a dedicated API key to reduce blast radius. 4) Do not put production secrets or third-party credentials into stored memories. 5) If provenance matters, ask the publisher for a homepage/source repo or use a vetted/self-hosted server; that would raise confidence. Rotate HM_API_KEY after testing and limit the key's permissions if the backend supports scoped keys.Like a lobster shell, security has layers — review code before you run it.
latestvk97e6cz3ywxfqmkw9nkpr2drq582mvzr
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧠 Clawdis
Binspython3
EnvHM_API_KEY, HM_ENDPOINT, OPENCLAW_DIR, WORKSPACE
Primary envHM_API_KEY