MemoryLayer

Pass: Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: memorylayer
Version: 1.0.0

The skill bundle provides client libraries (Node.js and Python) for interacting with the 'MemoryLayer' semantic memory service hosted at `https://memorylayer.clawbot.hk`. All code (`index.js`, `python/memorylayer_skill.py`) and documentation (`SKILL.md`, `README.md`) consistently direct network traffic and credential handling (via environment variables) to this legitimate service for authentication and memory operations. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution, persistence mechanisms, or obfuscation. The use of 'prompt injection' in `SKILL.md` and code refers to injecting retrieved memories into an LLM's prompt, which is the skill's intended function, not a malicious instruction to the agent itself. Dependencies (`axios`, `requests`) are standard HTTP clients.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill can access the user's MemoryLayer account and the memories stored there using the configured credentials.

Why it was flagged

The client uses MemoryLayer account credentials or an API key and submits email/password to the configured API login endpoint. This is aligned with the service, but it gives the skill delegated account access.

Skill content

```js
this.email = options.email || process.env.MEMORYLAYER_EMAIL;
...
this.apiKey = options.apiKey || process.env.MEMORYLAYER_API_KEY;
...
await axios.post(`${this.apiUrl}/auth/login`, { email: this.email, password: this.password });
```

Recommendation

Prefer an API key if available, rotate it if exposed, and verify MEMORYLAYER_URL points only to the intended MemoryLayer or trusted self-hosted endpoint.

What this means

Sensitive, incorrect, or maliciously influenced memories could persist and be reused in later prompts.

Why it was flagged

Arbitrary memory content is persisted to the remote API and later returned as formatted prompt context, so stored memories can influence future agent behavior.

Skill content

```js
await axios.post(`${this.apiUrl}/memories`, { content, ... });
...
lines.push(`- ${result.memory.content} (relevance: ${result.relevance_score.toFixed(2)})`);
```

Recommendation

Avoid storing secrets or highly sensitive details, periodically review/delete stored memories if the service supports it, and have agents treat retrieved memories as context rather than authoritative instructions.