OpenClaw Universal Memory

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The code that would initialize schemas, ingest data, use connectors, and handle DSN configuration is not visible in the supplied artifacts, so its actual behavior cannot be verified here.

Why it was flagged

The reviewed manifest contains only SKILL.md, scripts/run_memory.py, and setup.json, while the launcher delegates all real work to an openclaw_memory.cli module that is not included for review.

Skill content

"-m", "openclaw_memory.cli", args.action

Recommendation

Do not install or run this until the full package source, dependency files, and connector documentation are available and reviewed; pin trusted dependencies if packaging is added.

What this means

If broad database credentials are used, the skill or its underlying package could affect more data than intended.

Why it was flagged

The skill needs database credentials to read and write its Postgres memory tables; this is expected for the stated purpose, but it is sensitive authority.

Skill content

DSN provided via environment variable (`DATABASE_DSN` by default).

Recommendation

Use a dedicated database or schema and least-privilege credentials limited to the intended um_* tables; avoid passing raw passwords in command-line arguments.

What this means

Private emails, messages, tasks, or other ingested records may remain searchable in Postgres until the user defines retention and deletion practices.

Why it was flagged

The skill stores source records, metadata, and cursor history for later search and retrieval, which is a persistent memory store.

Skill content

A connector returns normalized records + next cursor: ... `raw_json` ... `meta_json` ... `next_cursor`

Recommendation

Only ingest sources you are authorized to process, restrict database access, define retention/deletion rules, and validate connector outputs before bulk ingestion.