OpenClaw Obsidian Memory

Advisory

Audited by Static analysis on May 5, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A simple setup request could alter future agent behavior or overwrite/simplify existing memory in a way the user may not be able to easily undo.

Why it was flagged

This directs the agent to perform persistent local file mutations, including changing agent instruction and memory files, without requiring a shown diff, backup, or separate approval for those specific edits.

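Skill content

After receiving this, the AI automatically completes all configuration by following the steps below, with no manual action required from the user ... append or replace in AGENTS.md ... reduce MEMORY.md to the following content

Recommendation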

Require explicit confirmation, show diffs, and create backups before changing AGENTS.md or MEMORY.md; avoid replacing existing memory until the user verifies the Vault copy.

What this means

Sensitive or incorrect notes could persist and influence future responses across sessions.

Why it was flagged

The skill makes Vault content prioritized context for future answers and stores conversation summaries persistently, but does not define trust boundaries, retention rules, or safeguards against poisoned/stale notes.

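Skill content

Merge the results of the two steps, giving priority to the knowledge content in the Vault ... at the end of each important conversation, save a summary to references/ai-chats/YYYY-MM-DD-slug.md

Recommendation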

Treat Vault notes as reference data rather than instructions, review summaries before saving, exclude secrets, and provide clear retention/deletion controls.

Note (High Confidence)

ASI10: Rogue Agents

What this means

If enabled, background memory jobs may continue modifying the Vault and local memory without the user seeing each run.

Why it was flagged

The cron jobs are disclosed and opt-in, but they create ongoing background agent activity that summarizes conversations and writes memory without delivering results to the user.

Skill content

If the user agrees, create two cron jobs ... --no-deliver ... daily memory archive: summarize the past 24 hours of sessions

Recommendation

Enable cron only if desired, document how to disable it, and provide logs or periodic review prompts for archived summaries.