ClawHub

persistent_user_memory

v1.0.0

Manages long-term local user memory across sessions for personalization, learning preferences, contacts, and patterns to tailor assistance continually.

1· 487·5 current·5 all-time
by@eyadhrif
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (persistent local user memory) align with the instructions: the skill stores and consults a local JSON profile (~/.openclaw/memory/user_profile.json) and updates it over time. There are no unrelated credential or binary requirements.
Instruction Scope
SKILL.md instructs the agent to silently load the profile before every significant action and silently write updates after learning. These behaviors are coherent with the purpose but grant the skill broad automatic access to user data on disk and allow automatic modifications without explicit per-write user confirmation, which is a privacy/consent concern even though operations stay local and sensitive data storage is explicitly disallowed.
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing will be downloaded or executed during install. This is low-risk from an installation perspective.
Credentials
The skill requires no environment variables, credentials, or external config paths beyond a local profile file. The declared scope (local filesystem) matches what's needed to implement long-term memory.
Persistence & Privilege
The skill persists a file in the user's home directory and instructs the agent to 'never delete' it unless the user requests. 'always' is false and the skill does not request system-wide or cross-skill config changes, but the persistent, silent read/write behavior increases the blast radius for privacy mistakes on shared machines.
Assessment
This skill appears to do what it says: maintain a local JSON memory and consult it automatically. Before installing, be aware that it will silently read ~/.openclaw/memory/user_profile.json before significant actions and update it after learning — that can surprise users on shared machines or when you expect explicit confirmation. Verify you trust the skill source (no homepage provided), inspect SKILL.md yourself, consider restricting file permissions on ~/.openclaw/memory, decide whether you want silent writes or prefer prompts, and know you can remove the memory file (or ask the agent to 'forget everything') to revoke persistent data.

Like a lobster shell, security has layers — review code before you run it.

latestvk979adjnxq9fvsf9wkyn7fwdn1824b5b

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments