BrainX V5 — The First Brain for OpenClaw

What to check before installing/activating BrainX V5: - Review the hook and ingestion scripts (hook/handler.js, lib/openai-rag.js, lib/db.js, and cron/harvester scripts). Those are the runtime code that will read workspace/session files and call the embeddings API. - Understand data flow: conversations, session logs, and workspace MEMORY.md files may be read and stored into the Postgres DB, and text is sent to OpenAI's embeddings endpoint using OPENAI_API_KEY. If that data may contain PII or secrets, either disable auto-ingest or enable/validate the PII-scrub config (BRAINX_PII_SCRUB_ENABLED and related settings) and test it in a sandbox. - Keep the BrainX database isolated: use a dedicated Postgres instance and user with least privileges, and do not reuse production DB credentials that grant broader access. - Protect the OPENAI_API_KEY: it will be used to send data to OpenAI; confirm your data-handling policy and consider using an API key with appropriate organization/billing and retention settings. - Inspect BRAINX_ENV / .env usage: the skill can load env files; ensure those files do not contain other unrelated secrets or tokens you don't want the skill to read. - Backup/restore and optional cloud sync steps are operator-run. If you plan to enable automatic backup-to-cloud, verify those scripts to avoid accidental exfiltration. - If you do not want cross-agent sharing or automatic learning, do not enable the managed hook/crons or change config to restrict injection/auto-learning. If you want further assurance, provide specific files (hook/handler.js and lib/openai-rag.js) for a quick targeted review of network calls, data redaction code paths, and any external endpoints beyond OpenAI.

Static analysis detected API credential-access patterns, but both VirusTotal and OpenClaw confirmed this skill is safe. These patterns are common in legitimate API integration skills.