Memory Manager

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is a coherent local memory-management tool, but users should understand that it persistently stores, snapshots, searches, and can reorganize local agent memory files.

This appears safe to use as a local memory utility if you are comfortable with persistent memory files under ~/.openclaw/workspace/memory. Before enabling the suggested heartbeat automation, review what it will snapshot and organize, avoid putting secrets in memory, and periodically delete old snapshots or legacy files you no longer need.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

64/64 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI06: Memory and Context Poisoning
Low
What this means

Private agent context may be preserved longer than expected and later searched or reused by the agent.

Why it was flagged

The snapshot command copies portions of episodic, semantic, and procedural memory files into a new persistent snapshot file, which is expected for the skill but can retain sensitive or stale context.

Skill content

tail -n 30 "$file" >> "$SNAPSHOT_FILE" ... head -n 20 "$file" >> "$SNAPSHOT_FILE"

Recommendation

Avoid storing secrets in memory files, periodically review and prune snapshots, and treat retrieved memory as context to verify rather than unquestioned truth.

ASI02: Tool Misuse and Exploitation
Low
What this means

A mistaken invocation could move the wrong local file or reorganize memory content in an unintended way.

Why it was flagged

Manual categorization moves a user-specified source file into the memory structure. This is purpose-aligned, but it is a local file mutation and depends on the caller choosing the intended file and destination name.

Skill content

SOURCE="$3" ... mv "$SOURCE" "$DEST"

Recommendation

Use categorize only on files you intend to move, prefer files already under memory/legacy, and check source and destination paths before confirming.

ASI10: Rogue Agents
Low
What this means

The skill may keep checking, snapshotting, or organizing memory on a schedule if added to a heartbeat workflow.

Why it was flagged

The documentation recommends recurring heartbeat execution. It is disclosed and aligned with memory maintenance, but it creates ongoing automated activity if the user adopts it.

Skill content

## Memory Management (every 2 hours)
1. Run: ~/.openclaw/skills/memory-manager/detect.sh
2. If warning/critical: ~/.openclaw/skills/memory-manager/snapshot.sh
3. Daily at 23:00: ~/.openclaw/skills/memory-manager/organize.sh

Recommendation

Only add the heartbeat block if you want recurring memory maintenance, and review the generated snapshots and organization changes periodically.