ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Memory Core

v0.1.3

OpenClaw 长期记忆核心:基于 LanceDB 的向量化长期记忆存储与检索,内置意图/场景隔离以防记忆污染。

0· 1.2k·14 current·17 all-time
byMaxStormSpace@lilei0311
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: code provides ingest/retrieve/forget backed by LanceDB, intent/scene classification, and embedding calls. No unrelated binaries, unexplained credentials, or excessive dependencies are requested.
Instruction Scope
Runtime instructions are limited to running the provided Python CLI under the skill directory. The code will read ~/.openclaw/openclaw.json (to auto-load a siliconflow API key and to infer agent model) and will persist a LanceDB file under the skill directory (default data/memory.lance). Importantly, text passed to ingest/retrieve is sent to the configured embedding provider (default: siliconflow cloud) via HTTP requests — this is expected behavior but is a privacy-relevant network transmission.
Install Mechanism
No install script is included (instruction-only install), and declared Python dependencies (lancedb, numpy, requests) match the code. Nothing is downloaded from arbitrary URLs or written outside the skill's directory besides reading ~/.openclaw/openclaw.json.
Credentials
The skill declares no required env vars but supports MEMORY_CORE_* env overrides and a secret embedding_api_key in config.json/skill.json. It also attempts to read ~/.openclaw/openclaw.json to find a siliconflow API key and agent model; reading that file is explainable for auto-config, but users should be aware it reads a user config file that may contain secrets for other providers.
Persistence & Privilege
always=false and the skill does not try to persist beyond its own data directory. It creates a local LanceDB file under the skill root (default data/memory.lance) and does not modify other skills or system-wide settings.
Assessment
This skill appears to do what it says: store and retrieve memories locally with optional cloud embeddings. Before installing, decide whether you are comfortable having memory text sent to a cloud embedding provider (default: siliconflow). If you prefer local-only operation, configure embedding_provider to 'ollama' (point to a local Ollama) or 'local_mock'. Inspect ~/.openclaw/openclaw.json because the skill will try to read it to auto-load an embedding API key and to infer agent models; if that file contains secrets you don't want accessed, remove or separate them. Confirm you are willing to install the declared Python packages and that storing the LanceDB file under the skill directory (or a configured path) is acceptable. If you need stronger guarantees, run the skill in an isolated environment or restrict outbound network access so embeddings cannot be sent to the cloud.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cacqjfphd2j59rvzhnr8axs82bqra
1.2kdownloads
0stars
3versions
Updated 2h ago
v0.1.3
MIT-0
MaxStormSpace@lilei0311
latest
Download

Memory Core(长期记忆核心)

Memory Core 为 OpenClaw Agent 提供跨会话的长期记忆能力:自动识别输入的意图与场景,并在检索阶段进行严格场景隔离,避免无关记忆污染当前会话。

功能特性

  • 记忆摄入:将用户关键事实写入长期记忆库
  • 记忆检索:按 Agent + 场景过滤后进行向量相似度搜索
  • 记忆遗忘:按记忆 ID 删除
  • 本地优先:LanceDB 文件本地持久化,默认不出机器

命令

在 OpenClaw Workspace 内运行({baseDir} 为技能目录):

python3 {baseDir}/scripts/main.py ingest --agent "main" --text "我是 Python 后端工程师,喜欢用 FastAPI。"
python3 {baseDir}/scripts/main.py retrieve --agent "main" --query "我擅长什么框架?"
python3 {baseDir}/scripts/main.py forget --id "<memory_id>"

配置

你可以创建 {baseDir}/config.json 来选择本地或云端向量化模型:

预算自适应(推荐开启)

默认会根据 agent_id~/.openclaw/openclaw.json 里对应的模型名做启发式分档,并自动选择检索预算:

  • small:400/1200
  • medium:600/1800
  • large:900/2700

如需固定预算,可在 config.json 里设置 auto_budget: false 并手工指定 max_chars_per_memory/max_total_chars

1) 使用本地 Ollama(推荐本地优先)

{
  "embedding_provider": "ollama",
  "embedding_model": "nomic-embed-text",
  "embedding_base_url": "http://localhost:11434",
  "auto_budget": true,
  "default_tier": "medium",
  "embedding_timeout_sec": 20,
  "embedding_max_input_chars": 2000,
  "max_results": 5,
  "max_chars_per_memory": 600,
  "max_total_chars": 1800,
  "min_score": 0.2
}

2) 使用云端 SiliconFlow(默认)

embedding_api_key 可留空,系统会尝试从 ~/.openclaw/openclaw.json 自动读取。

{
  "embedding_provider": "siliconflow",
  "embedding_model": "BAAI/bge-m3",
  "embedding_base_url": "https://api.siliconflow.cn/v1",
  "auto_budget": true,
  "default_tier": "medium",
  "embedding_timeout_sec": 15,
  "embedding_max_input_chars": 2000,
  "max_results": 5,
  "max_chars_per_memory": 600,
  "max_total_chars": 1800,
  "min_score": 0.2
}

Comments

Loading comments...