Back to plugin

Security audit

Memory (A-MEM v2)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed OpenClaw memory plugin that stores and evolves agent memories using local Qdrant and a configured LLM endpoint.

Install only if you want persistent long-term memory. Configure Qdrant and the LLM endpoint you trust, treat stored memories as potentially sensitive, and enable hooks.allowConversationAccess only if you are comfortable with successful conversations being analyzed for automatic memory updates.

VirusTotal

61/61 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
dist/index.js:46
Evidence
_dataDir = process.env.AMEM_DATA_DIR || path.join(os.homedir(), ".amem");