Aoju Memory
v1.0.1Long-term memory, learning, and self-evolution for the agent. Activates on session start (SOUL.md/USER.md context), after significant decisions, on feedback,...
⭐ 0· 95·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (long-term memory, learnings, evolution) match the included scripts and SKILL.md. All requested actions (reading SOUL.md/USER.md/MEMORY.md, writing daily logs and learnings, generating reports, identifying patterns) are implemented by the provided scripts and manifest. There are no unrelated credentials, binaries, or external services required.
Instruction Scope
The SKILL.md explicitly instructs the agent to read and write files in the OpenClaw workspace (SOUL.md, USER.md, MEMORY.md, memory/YYYY-MM-DD.md, etc.). That is appropriate for a memory skill, but it does mean the skill will persist user and session content to disk and read those files at session start — review these files for sensitive content before enabling. The SKILL.md and scripts limit external communication (no endpoints) and do not request other unrelated system files.
Install Mechanism
Instruction-only plus included Python scripts; no install spec, no external downloads, no package manager installs. This minimizes supply-chain risk. The README recommends cloning from a GitHub repo, but the package as provided contains all scripts and needs only a Python runtime (no explicit dependencies).
Credentials
No environment variables, credentials, or config paths outside ~/.openclaw/workspace are requested. All file access is scoped to the agent workspace (MEMORY.md and memory/*). The number and type of file writes/reads are proportional to the stated purpose.
Persistence & Privilege
The skill persists data to disk under the user's OpenClaw workspace and will append, archive, and (when archiving) delete older learning files. always:false (not force-included). The scripts do not autonomously contact external endpoints, but because the agent can invoke skills autonomously by default, it could read/write the workspace without manual invocation — consider that persistent storage of user data increases sensitive-data exposure if the agent or other skills gain access.
Assessment
This skill appears to do what it says: local long-term memory stored under ~/.openclaw/workspace (MEMORY.md and memory/*). It does not request credentials or make network calls. Before installing, consider: (1) The skill will persist session content and user preferences to disk — review MEMORY.md, SOUL.md, USER.md content for anything sensitive you don't want stored. (2) Archived learnings older than the configured cutoff may be deleted by the archive routine — if you need retention, back up the memory directory. (3) Because the agent can invoke skills autonomously, decide whether you want the skill enabled for automatic session-start reads; if not, keep it user-invocable only. (4) If you install from a remote source, prefer an official repo or inspect the shipped scripts (you already have them) to confirm no changes. Overall, no network exfiltration or unrelated privileges were found, but treat persisted memory as potentially sensitive data and manage access/backup accordingly.Like a lobster shell, security has layers — review code before you run it.
ai-agentvk975qajfws9ge5hyw1b5mn300x83q9kdlatestvk97ccbbrtcy16vngpqphvc1ezn83zf1rlearningvk975qajfws9ge5hyw1b5mn300x83q9kdmemoryvk975qajfws9ge5hyw1b5mn300x83q9kdself-evolutionvk975qajfws9ge5hyw1b5mn300x83q9kd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.