Mem Optimizer
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill is not clearly malicious, but it can run automatically, scan multiple agents' memory workspaces, and modify persistent memory files, so it should be reviewed before installation.
Before installing, inspect the full source, disable the daily cron unless you explicitly want it, run only in dry-run mode first, back up memory files, and restrict the skill to the current workspace unless you intentionally want it to inspect other agents' memories.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with dryRun=false, the agent may rewrite memory files and remove details that the user expected to keep.
The callable tool can switch from preview to actual compression through a single boolean, but the tool schema does not show a separate confirmation, target file list, backup option, or exclusion boundary.
"dryRun": { "type": "boolean", "default": true, "description": "true=仅预览不修改文件,false=执行实际压缩" }Keep dryRun enabled by default, require explicit user confirmation before every write, show the exact files and diffs, and create backups before compression.
Installing the skill allows it to run local system-status commands, which may expose local machine metadata in reports.
The code uses child_process.exec to run local shell commands such as top, free, df, uptime, and ls. The shown commands are fixed rather than user-controlled, and they align with the advertised server-status report.
exec(commands[key], (err, stdout, stderr) => {Verify that local shell execution is acceptable in your environment and restrict the skill to systems where these commands are expected.
Persistent memory notes can influence future optimization behavior; a bad or overbroad learned pattern could cause future memory to be compressed too aggressively.
The skill reads persistent self-improvement/reflection files and promotes stored patterns into future compression preferences, while also appending new reflections and corrections.
if (obj.status === 'Confirmed') { preferences.learnedPatterns.push(obj); }Review self-improvement files before applying learned preferences, require user approval before promoting global preferences, and keep an audit trail with rollback.
The skill may read activity and memory metadata from other agents' workspaces, crossing agent data boundaries.
The code scans all OpenClaw agent entries and their workspace memory directories using hardcoded global paths, rather than limiting itself to the current workspace or an explicit user-selected agent.
const agentsDir = '/root/.openclaw/agents'; ... const workspacePath = `/root/.openclaw/workspace-${agentId}`; ... const memoryDir = path.join(workspacePath, 'memory');Limit scanning to the current workspace by default, require explicit selection for other agents, and document what data is read from each agent.
The skill can keep operating on a schedule, potentially changing memory files or sending reports even when the user did not manually ask for that day's run.
The skill declares a daily scheduled action that performs memory optimization and sends a summary report, creating autonomous recurring behavior beyond a one-time user request.
cron:\n - expression: "0 8 * * *"\n action: "mem_optimize_daily"\n description: "每天上午 8 点执行记忆优化并发送每日总结"
Disable the cron job unless needed, make scheduled runs preview-only unless separately approved, and clearly show how to stop the scheduled task.