Mixed Memory Augumented Generation
v1.0.6Mixed Memory-Augmented Generation (MMAG) for AI agents. Five cognitive memory layers — conversational, long-term user, episodic, sensory, and short-term work...
⭐ 2· 456·2 current·2 all-time
byStefano Zeppieri@j0ker98
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (MMAG memory layers) aligns with the included files: init, store, retrieve, context assembly, snapshot, encrypt/decrypt, keygen, prune, and stats. The scripts operate on a local memory/ tree and use openssl for encryption — all coherent with a memory-management skill.
Instruction Scope
SKILL.md directs the agent to run context.sh and treat its output as a restricted data block (the README explicitly warns about prompt-injection). The scripts read and decrypt local memory files and emit them for inclusion in prompts. This is expected for a memory skill, but it introduces normal risks: memory contents are user-supplied untrusted data, redaction is heuristic (limited regexes) and may miss secrets, and some operations rely on interactive prompts (/dev/tty) which can hang automated runs.
Install Mechanism
No install spec included (instruction-only skill with shipped scripts). No remote downloads or external package installs are performed by the skill itself. The only external binary dependency is openssl (reasonable and documented).
Credentials
The skill does not require unrelated credentials. Meta documents MMAG_KEY and MMAG_KEY_FILE for encryption key resolution and the scripts honor both. This is appropriate, but using MMAG_KEY (environment variable) is explicitly less secure and the skill warns about it. Ensure you prefer a key file (MMAG_KEY_FILE) or interactive passphrase rather than exporting a raw key to the environment.
Persistence & Privilege
No elevated privileges or 'always' presence requested. The skill writes to its own memory directory and key file under the user's environment (consistent with its purpose). It does remove plaintext .md files on encryption and manages snapshots — expected behavior for this tool.
Assessment
This skill appears internally consistent for managing local agent memory. Before installing: (1) Inspect and trust the source — these are local scripts that will create and modify files under a memory directory and a key file (default ~/.openclaw/skills/mmag/.key). (2) Prefer storing the encryption key in a file (MMAG_KEY_FILE) rather than exporting MMAG_KEY in the environment. (3) Understand that context.sh decrypts memory (via decrypt.sh) to assemble prompts — treat that output strictly as data and do not allow it to override system prompts or safety policies. (4) Redaction is heuristic; secrets may not always be caught — avoid storing highly sensitive credentials in memory files. (5) The encrypt script securely deletes originals; back up the key file or you will lose encrypted data. (6) Automated agents may be unable to satisfy interactive prompts (/dev/tty); plan key provisioning for automation. If you trust the author and follow those precautions, the skill is coherent with its stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk97dx78bf42g2x4x7yy2df0b3582ryrq
License
MIT-0
Free to use, modify, and redistribute. No attribution required.