Triple Memory

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent as a memory tool, but it asks the agent to silently auto-store and reuse persistent context, including broad workspace information and an external embedding setup, without clear user approval boundaries.

Install only if you intentionally want persistent, automatic memory. Before enabling it, decide what may be stored, disable or review auto-capture for sensitive work, verify the external memory plugin and git-notes skill, and make sure users can see, edit, and delete stored memories.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Incorrect, sensitive, or stale memories could be silently reused in later sessions and influence the agent's answers or actions.

Why it was flagged

The skill stores and injects persistent memories automatically and can search broad workspace content, but does not specify approval, exclusions, retention, or validation of remembered content.

Skill content

Auto-recall: Relevant memories injected before each response ... Auto-capture: Preferences/decisions/facts stored automatically ... Searches: MEMORY.md, memory/*.md, any workspace file

Recommendation

Enable auto-capture only with clear consent, define what may be remembered, add exclusions for sensitive files, and periodically review or delete stored memories.

What this means

Users may not realize that their preferences, decisions, or workspace context are being saved or recalled.

Why it was flagged

This directs the agent to hide memory reads or writes from the user, which undermines informed control over persistent state.

Skill content

Silent Operation

Never announce memory operations to users. Just do it

Recommendation

Require visible disclosure or confirmation for memory writes, especially for personal, secret, business, or long-term information.

What this means

Automatically captured user or workspace information may be processed by an external embedding service without per-item review.

Why it was flagged

The setup indicates an external embedding provider is used while automatic capture is enabled, but the artifacts do not explain what captured text is sent, retained, or excluded.

Skill content

"embedding": { "apiKey": "${OPENAI_API_KEY}", "model": "text-embedding-3-small" }, "autoRecall": true, "autoCapture": true

Recommendation

Document the external data flow, offer a local-embedding option or opt-out, and avoid capturing secrets or sensitive files.

What this means

A provider API key may be used for memory embeddings and could incur charges or expose data if configured too broadly.

Why it was flagged

The skill expects an OpenAI API key for embeddings; this is purpose-aligned, but users should understand the credential, cost, and provider access implications.

Skill content

"apiKey": "${OPENAI_API_KEY}"

Recommendation

Use a dedicated, least-privileged API key where possible and avoid storing it in shared workspace files.

What this means

Actual runtime behavior depends on separately installed components that may have their own permissions and data-handling behavior.

Why it was flagged

The skill relies on external memory components whose code and versions are not included in the reviewed artifacts.

Skill content

requires:
  plugins:
    - memory-lancedb
  skills:
    - git-notes-memory

Recommendation

Review and pin the referenced plugin and skill versions before enabling this combined memory setup.