Three Tier Memory V2

Review

Audited by ClawScan on May 10, 2026.

Overview

This looks like a legitimate local memory manager, but it can persist and re-inject conversation content across sessions without clear retention, deletion, or trust-boundary controls.

Install only if you want the agent to keep local long-term memories. Before use, set the workspace path, decide what may be stored, add a way to review and delete memories, and avoid saving secrets or highly sensitive personal information.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Sensitive or malicious prior content could be saved locally and later brought back into the agent's context, influencing future responses or exposing past details.

Why it was flagged

The skill is designed to persist memory and inject retrieved content into later conversations. The artifacts do not show retention, deletion, user-approval, or trust-boundary controls for those memories.

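Skill content

Long-term | `memory/vector-store/` | Semantic retrieval | Permanent memory, RAG ... At the start of a new conversation: first `search` long-term memory, then inject the relevant context

Recommendation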

Use explicit confirmation before writing long-term memory, add review/delete/expiry controls, and instruct the agent to treat retrieved memories as untrusted reference data rather than authoritative instructions.

What this means

Memory files may be created in an unexpected local location, which could confuse users or mix memory state across environments.

Why it was flagged

The script writes memory files under a configurable workspace, but the default is an absolute, user-specific path that may be unexpected if WORKSPACE_DIR is not set.

Skill content

WORKSPACE_DIR = Path(os.environ.get('WORKSPACE_DIR', '/Users/scott/.openclaw/workspace'))
MEMORY_DIR = WORKSPACE_DIR / 'memory'

Recommendation

Set and document WORKSPACE_DIR before use, and declare the memory/config paths in the skill metadata.

What this means

Users may install an unspecified package version manually, and package behavior can change over time.

Why it was flagged

Long-term memory depends on ChromaDB, but the provided artifacts include no install spec or pinned dependency version.

Skill content

print("✗ 需要安装 chromadb: pip install chromadb")

Recommendation

Provide a pinned dependency/install spec and review ChromaDB behavior before enabling long-term memory.