Shared Memory
v1.0.0共享记忆池 - 跨团队、跨窗口、跨会话的统一记忆系统。支持公司公告板、项目协作空间、知识库、员工状态追踪。适用于虚拟公司、多人协作、AI 团队工作场景。
⭐ 0· 64·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (shared memory / collaboration) match the code and SKILL.md: the code implements read/write/search/update for announcements, projects, knowledge, employee status and related APIs and CLI commands. No unrelated credentials or binaries are requested.
Instruction Scope
The SKILL.md instructs the agent to read/write/manage records stored under ~/.shared-memory and to trigger notifications (future). The instructions are scoped to the stated purpose, but they require creating and modifying files in the user's home directory (privacy/persistence implication). SKILL.md also mentions future notification channels (Feishu, '子代理 sessions_send') which would expand scope if implemented.
Install Mechanism
No install spec — code is shipped in the package and is intended to run with node. No downloads or external installers are declared, which minimizes install-time risk. Running the provided Node CLI will create files under the home directory.
Credentials
The skill declares no required environment variables or credentials. The code uses HOME/USERPROFILE to determine ~/.shared-memory — this is proportional. Note: future notification integrations would likely require new credentials (not present now).
Persistence & Privilege
The skill persistently writes data to ~/.shared-memory (including audit logs and backups) and autoBackup is enabled by default. It does not set up as 'always' but has persistent on-disk presence and will modify the user's home filesystem; users should be aware of sensitive data retention and file permissions.
Assessment
This skill appears internally consistent for a local shared-memory/knowledge system: it stores JSON files under ~/.shared-memory and exposes a Node CLI and API to read/write/search that data. Before installing or running it: (1) review the full shared-memory.js (the provided excerpt is truncated) to confirm there are no network calls or hidden behavior; (2) run it in a sandbox or throwaway account if you want to inspect behavior first; (3) be aware it will create persistent files in your home directory (backups, audit logs) — consider file permissions, retention, and whether sensitive personal/company data will be stored unencrypted; (4) the SKILL.md mentions future notification integrations (Feishu / agent sessions_send) which, if enabled later, will require credentials — only provide such tokens when you trust the skill and have reviewed the notification code; (5) if you need stronger guarantees, request or add encryption-at-rest or access controls and audit the remaining (truncated) portions of shared-memory.js and test.js before use.Like a lobster shell, security has layers — review code before you run it.
latestvk97a4f1qy63vswjf400hfxh46x83x2ft
License
MIT-0
Free to use, modify, and redistribute. No attribution required.