Permanent Memory System

Advisory

Audited by Static analysis on May 2, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private or sensitive information shared in ordinary chats could be retained indefinitely and reused in later sessions.

Why it was flagged

The skill explicitly instructs the agent to log all conversation content, not just user-approved memories, into persistent daily files.

Skill content

All conversation content is appended to `memory/YYYY-MM-DD.md`; even small talk that seems unimportant is recorded.

Recommendation

Use only with explicit consent and clear controls for what is saved; add opt-in recording, exclusions for secrets/private data, retention limits, and true deletion.

What this means

Future responses may be shaped by old or poisoned memory content that the user did not intend to make authoritative.

Why it was flagged

Persisted memory is automatically loaded into future sessions, so stale, incorrect, or maliciously inserted memory entries could influence later agent behavior.

Skill content

New session starts
    └── Read MEMORY.md + latest daily log → context fully inherited

Recommendation

Treat stored memory as untrusted context, show sources and dates, allow review before reuse, and provide a way to quarantine or delete questionable entries.

What this means

The agent may save information to persistent files when the user expected the conversation to remain temporary.

Why it was flagged

The skill directs automatic local file mutation without making per-write user approval or recording scope clear.

Skill content

No manual invocation is needed. The skill takes effect automatically:

- Tell 太初 something important → automatically written to memory

Recommendation

Require explicit user confirmation for recording, provide a visible recording status, and support a search-only or manual-save mode.

What this means

A user may believe sensitive memories were removed when they are still present in local memory files.

Why it was flagged

The wording presents a delete/forget action while also saying the system does not actually delete automatically, which can mislead privacy expectations.

Skill content

You can tell 太初 "delete the memory about xxx", but the system never deletes automatically; it only marks entries as expired.

Recommendation

Clearly distinguish 'mark expired' from deletion, and implement a true purge command with confirmation and audit output.