Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

BrainDB

v0.5.2

Persistent, semantic memory for AI agents. Gives your AI long-term recall that survives compaction and session resets — 98% accuracy, 20ms latency.

by ChairForce @chair4ce

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chair4ce/braindb.

Install the skill "BrainDB" (chair4ce/braindb) from ClawHub.
Skill page: https://clawhub.ai/chair4ce/braindb
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: docker, node
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install braindb

ClawHub CLI

npx clawhub@latest install braindb

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The name/description (persistent semantic memory) align with the included files: a gateway, embedder, Neo4j DB, migration and auto-capture code. Required binaries (docker, node) are reasonable for the bundled installer. However there are internal inconsistencies: the registry metadata said 'no install spec / no required config paths' while SKILL.md metadata and installer expect to write/patch ~/.openclaw/openclaw.json and create ~/.openclaw/plugins/braindb. The included code also reads many workspace and user files (~/bin/, workspace scripts, skills), which is plausible for a memory/migration tool but broader than the registry's earlier declarations.
! Instruction Scope
Runtime instructions and code do more than simple encode/recall. install.sh will (by default) back up workspace files, start Docker containers, and patch OpenClaw's config to enable autoCapture/autoRecall. execution-awareness.js actively enumerates system/tooling (which CLI tools are installed, ~/bin scripts, workspace scripts, other installed skills) and auto-capture middleware (auto-capture.js) will ingest tool execution outputs (errors, command output) and encode them into the DB. That means command outputs, script contents, and discovered metadata can be stored automatically. The migration tool can optionally send file contents to Google's Gemini API if the user opts into '--swarm'. These behaviors are within a memory-plugin's remit but are high-risk for sensitive data exfiltration if not understood/controlled.
Install Mechanism
SKILL.md declares a download/install from a GitHub Releases URL (braindb-v0.5.0.zip) and postInstall runs the included install.sh; GitHub releases is a standard host. The installer builds and runs Docker Compose (building local images, downloading the embedding model). That is expected for this workload but will write files, create containers, and download a ~420MB model. The registry-level summary incorrectly indicated 'instruction-only' (no install spec) which is inconsistent with the packaged install scripts and SKILL.md metadata.
! Credentials
The skill requests no external API keys by default, and the gateway binds to localhost. It generates and stores NEO4J_PASSWORD in a .env and will patch your OpenClaw config. However the code reads numerous local paths and tool outputs (workspace files, ~/bin scripts, other skills' SKILL.md, /tmp/fleet-nodes.json), and auto-capture may store outputs of arbitrary tool executions (including errors and command output). Those actions can capture secrets or sensitive data. Migration can optionally transmit file contents to Google Gemini (opt-in via --swarm), which is explicitly documented but must be chosen by the user to expose data externally.
Persistence & Privilege
The installer patches OpenClaw config to enable the plugin and autoCapture by default (writes to ~/.openclaw/openclaw.json), creates Docker volumes and persists data. always:false so it's not force-included globally, but it does gain persistent presence in the agent config and autonomous invocation (autoCapture/autoRecall). That persistence is normal for a plugin but increases blast radius because the skill will run automatically and record data unless you disable it in config.
What to consider before installing
Things to check before installing:

  • Review install.sh and the patch step that updates ~/.openclaw/openclaw.json. The installer will enable autoCapture/autoRecall automatically; if you prefer manual enablement, don't let the installer patch config or back up the config first.
  • Understand auto-capture: the plugin will automatically record tool execution results, discovered scripts, and workspace file metadata into the DB. That can include sensitive outputs (tokens, paths, command output). If you have secrets in outputs or files, either disable auto-capture or run the plugin in an isolated environment first.
  • Migration privacy: importing with --swarm will send file contents to Google's Gemini API. This is opt-in, but double-check you never run migrate.cjs without --no-swarm or without understanding the flag. Use --scan or --dry-run to preview what would be ingested.
  • Confirm local exposure: gateway is configured to bind to 127.0.0.1 only, and Neo4j/embedder are on an internal Docker network. Still verify port mappings and .env (NEO4J_PASSWORD) after install.
  • If you lack full trust in the release: run the installer in a disposable VM/container first, inspect generated .env and Docker images, and examine stored memories/exported backups before connecting to any production data.
  • If you want least privilege: decline the automatic config patch, keep BrainDB disabled until you audit encode/auto-capture behavior, and never use --swarm unless you explicitly need and approve external processing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🧠 Clawdis
Bins: docker, node
latest vk97eryynnttg1z38vbq7pr33ex817js7
940 downloads
0 stars
5 versions
Updated 18h ago
v0.5.2
MIT-0

BrainDB

Persistent, semantic memory for AI agents. Built for OpenClaw.


What It Does

Your AI forgets everything between sessions. BrainDB fixes that.

It gives your assistant a memory system that automatically captures important context from conversations and recalls it when relevant — who you are, what you're working on, what you've told it before. Memories persist across compaction, session resets, and restarts.

How it works:

You say something → OpenClaw captures important facts → BrainDB stores them
You ask something → OpenClaw recalls relevant memories → AI has context

No commands. No manual saving. It just works.


Install

Requires Docker and ~4 GB RAM.

openclaw plugin install braindb

Or manually:

git clone https://github.com/Chair4ce/braindb.git ~/.openclaw/plugins/braindb
cd ~/.openclaw/plugins/braindb
bash install.sh

First run: 3–5 minutes (downloads embedding model). After that: ~10 seconds.

What the installer does:

  1. Backs up your existing memory files to ~/.openclaw/braindb-backup/
  2. Builds and starts 3 Docker containers (Neo4j, embedder, gateway)
  3. Patches your OpenClaw config (~/.openclaw/openclaw.json) to enable the plugin
  4. Optionally offers to migrate existing workspace files into BrainDB

Review install.sh before running if you want to understand each step.
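
To see exactly what step 3 changed, compare a copy of the config saved before running install.sh with the file afterwards. The following is an added example, not code from BrainDB or OpenClaw: it diffs two parsed configs leaf by leaf and flags any path that turns autoCapture or autoRecall on. The sample objects are constructed and the key layout of openclaw.json is an assumption; only the two setting names come from the scan report above.

```javascript
// Added example. Sample configs are constructed; the real layout of
// ~/.openclaw/openclaw.json is an assumption.
const WATCHED = ["autoCapture", "autoRecall"]; // setting names from the scan report

// Flatten nested JSON into { "a.b.c": leaf } so configs compare leaf by leaf.
function flatten(value, prefix = "", out = Object.create(null)) {
  if (value !== null && typeof value === "object") {
    for (const key of Object.keys(value)) {
      flatten(value[key], prefix ? `${prefix}.${key}` : key, out);
    }
  } else {
    out[prefix] = value;
  }
  return out;
}

// Every leaf that was added, removed or changed between the two configs.
function diffConfig(before, after) {
  const a = flatten(before);
  const b = flatten(after);
  const paths = [...new Set([...Object.keys(a), ...Object.keys(b)])].sort();
  return paths
    .filter((p) => a[p] !== b[p])
    .map((p) => ({
      path: p,
      kind: !(p in a) ? "added" : !(p in b) ? "removed" : "changed",
      before: a[p],
      after: b[p],
    }));
}

// Changes that switch automatic capture or recall on.
function autoEnabled(changes) {
  return changes.filter(
    (c) => WATCHED.includes(c.path.split(".").pop()) && c.after === true
  );
}

// Constructed snapshot taken before the installer ran, and the file afterwards.
const sampleBefore = { theme: "dark", plugins: {} };
const sampleAfter = {
  theme: "dark",
  plugins: { braindb: { enabled: true, autoCapture: true, autoRecall: true } },
};

const sampleChanges = diffConfig(sampleBefore, sampleAfter);
for (const c of sampleChanges) console.log(c.kind, c.path, "->", c.after);
console.log("auto-enabled:", autoEnabled(sampleChanges).map((c) => c.path));
```

On a real system, pass in `JSON.parse` of the saved copy and of the live ~/.openclaw/openclaw.json in place of the two sample objects.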


What You Get

  • 768-dim semantic search — finds conceptually related memories, not just keyword matches
  • 4 memory types — episodic (events), semantic (facts), procedural (skills), association (links)
  • Tiered ranking — semantic similarity always beats keyword match
  • Auto-dedup — won't store near-duplicate memories
  • Hebbian reinforcement — memories strengthen with use, decay without it
  • Query expansion — understands colloquial phrases
  • 98% recall accuracy on a 50-test benchmark suite
  • 12–20 ms average query latency

Security & Privacy

Core operation is fully local:

  • Gateway binds to localhost only — not exposed to your network
  • Neo4j and embedder are not accessible from the host (isolated Docker network)
  • Neo4j password is auto-generated (24-char random)
  • Optional API key authentication via BRAINDB_API_KEY
  • Containers run as non-root users
  • All embedding, search, and storage runs locally — no external API calls during normal operation

What the installer reads/writes:

  • Reads your OpenClaw config (~/.openclaw/openclaw.json) to add the plugin entry
  • Reads workspace files during optional migration (preview with --scan first)
  • Writes .env with generated Neo4j credentials
  • Creates Docker volumes for persistent storage

Migration privacy notice:

  • Default migration (--no-swarm): Fully local. File contents never leave your machine.
  • Migration with swarm: Sends file contents to Google's Gemini API for intelligent fact extraction. This is opt-in only — you must have swarm installed and explicitly allow it. Use --no-swarm to guarantee local-only processing.
  • Always run node migrate.cjs --scan or --dry-run first to see exactly what would be processed.

Migrating Existing Memories

Already have MEMORY.md, daily notes, or other workspace files? Import them:

node migrate.cjs --scan /path/to/workspace   # Preview files (no data sent anywhere)
node migrate.cjs --dry-run /path/to/workspace # Extract facts locally, don't encode
node migrate.cjs --no-swarm /path/to/workspace # Import, fully local
node migrate.cjs /path/to/workspace           # Import (uses swarm if available)

Your files are never modified. BrainDB copies facts from them — it doesn't replace anything.


Failover

BrainDB fails gracefully:

  1. Gateway down: OpenClaw works normally — the memory block is simply absent from prompts. Your AI still has MEMORY.md and workspace files.
  2. Neo4j down: Gateway returns empty results. No errors, just no memories.
  3. Embedder down: Falls back to text-only search (less accurate but functional).

Your workspace files are the safety net. BrainDB is additive — remove it and you're back to defaults with zero data loss.


Uninstall

openclaw plugin remove braindb

The uninstaller exports all memories (JSON + readable markdown), stops containers, removes the plugin config from OpenClaw, and leaves your workspace files untouched. Docker volumes are preserved until you explicitly delete them.


Performance

Metric            Value
Recall accuracy   98% (50-test suite)
Avg latency       12–20 ms
Cold query        ~60 ms
Capacity          10K+ memories
Storage           ~3 GB
RAM               ~2.5 GB

MIT — Oaiken LLC
