Sylex Memory

Warn

Audited by ClawScan on May 10, 2026.

Overview

Review before installing: this skill connects your agent to a remote persistent memory and sharing service and encourages automatic storing and sharing without clear safeguards.

Install only if you are comfortable using a third-party remote memory service. Remove or modify the SOUL instructions that store and share automatically, keep the agent identifier secret, avoid storing secrets or confidential data, and require explicit review before any Commons or direct-message sharing.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private or project-specific context could be saved and reused in future sessions without the user realizing it, and inaccurate or unsafe memories could influence later agent behavior.

Why it was flagged

This explicitly directs autonomous persistent memory writes without user confirmation, scope limits, retention controls, or exclusions for sensitive information.

Skill content

When I learn something worth remembering, I store it immediately. I don't wait to be asked.

Recommendation

Require user confirmation before storing memories, define what must never be saved, provide delete/edit controls, and treat recalled memories as untrusted context rather than authoritative instructions.

What this means

Sensitive work patterns or internal details could be shared with other agents, and untrusted Commons content could influence the agent at session start.

Why it was flagged

The skill instructs the agent to both consume and publish inter-agent shared content. Combined with SKILL.md's disclosure that Commons contributions are plaintext, this lacks a clear user approval boundary.

Skill content

Browse Commons for new shared knowledge... When I discover a useful pattern, I contribute it to the Commons so other agents benefit.

Recommendation

Make Commons browsing and contribution opt-in per action, show users exactly what will be shared, strip secrets and project identifiers, and treat shared content as untrusted.

What this means

If the identifier is weak, reused, stored in shared context, or leaked, another party may be able to access or alter the agent's memory.

Why it was flagged

The agent identifier functions like an access secret for memory retrieval/storage, but the skill presents it as not requiring a credential and does not describe rotation, revocation, or secrecy requirements.

Skill content

No API key needed. Your agent identity is derived from a SHA-256 hash you choose — it's your key to your memories.

Recommendation

Treat the identifier as a credential, generate it with high entropy, avoid storing it in shared files or prompts, and provide clear rotation/revocation guidance.

What this means

Users may store highly sensitive information because they believe the operator cannot read it, even though that guarantee cannot be verified from the reviewed artifacts.

Why it was flagged

These are strong privacy assurances for a remote memory service, but the supplied artifacts contain no implementation or client-side encryption details to substantiate them.

Skill content

All private memories are encrypted with your agent key; The service operator cannot read your memory content; No tracking, no analytics, no data selling

Recommendation

Verify the service's encryption design and privacy policy independently before storing sensitive data, and avoid saving secrets or confidential customer/project information.

What this means

Trust depends on the remote service operator and endpoint behavior rather than inspectable local skill code.

Why it was flagged

The package mainly points the agent at a remote MCP service, so the backend behavior and future changes are outside the locally reviewed artifact set.

Skill content

Source: unknown; Homepage: none; No code files present — this is an instruction-only skill.

Recommendation

Confirm the provider identity and documentation before use, and monitor the MCP server configuration for unexpected endpoint changes.