Agent Memory Tiers
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill coherently implements a small persistent memory workflow, with the main thing to notice being that it makes agents read and update memory files every activation.
This looks safe to install if you want persistent agent memory. Before using it, decide which agents should keep cross-run state, keep L0/L1 concise, do not store passwords or sensitive tokens there, and periodically review the memory files because they can shape future agent behavior.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Future agent runs may rely on whatever is stored in L0.md and L1.md, including stale, mistaken, or injected instructions if those files are not reviewed.
This creates persistent context that is reused across activations, so incorrect or malicious content placed in those memory files could influence future behavior.
The agent reads L0 and L1 before doing anything else. Before finishing, it updates both files. Next activation picks up exactly where this one left off.
Keep memory entries short and factual, avoid secrets, periodically review L0.md and L1.md, and ensure current user instructions still take priority over stored memory.
Once installed, the agent will continue updating these memory files on later activations unless the user removes or changes the SOUL.md instructions.
The skill establishes a recurring end-of-run behavior by adding mandatory persistent instructions to the agent's SOUL.md, though this is disclosed and user-directed.
## End-of-Run Memory Update (MANDATORY -- do this before finishing every activation)
Install only for agents where persistent memory is desired, and remove the SOUL.md header/footer if you want the behavior to stop.