Faya Session Memory
v1.0.0Persistent session memory system that prevents knowledge loss after context compaction. Converts session transcripts to searchable Markdown, builds an auto-u...
⭐ 0· 404·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description promise (persistent session memory, searchable Markdown, glossary, cron-based updating) matches the included scripts: session-to-memory.py converts session JSONL to Markdown, build-glossary.py builds a glossary index, and cron-optimizer.py suggests cron prompt improvements. All required operations (reading session logs, writing memory/*.md, generating reports) are present and appropriate for the stated purpose. Minor discrepancy: SKILL.md claims broader session-scanning semantics (e.g., scanning ~/.openclaw/agents/*/sessions/ and supporting --agent) while session-to-memory.py uses a fixed default (~/.openclaw/agents/main/sessions) and does not implement an --agent flag; this is a documentation/instruction mismatch rather than malicious functionality.
Instruction Scope
Runtime instructions tell the user/agent to run the shipped scripts and to create cron jobs to run them periodically. The instructions reference the right files and behavior, but include some inaccurate CLI/docs details: SKILL.md documents an --agent option and scanning wildcard paths that the converter script does not implement. The scripts read and write only local files under ~/.openclaw (sessions, workspace, cron JSON) and do not attempt to read other unrelated system paths or send data externally.
Install Mechanism
No install spec is provided (instruction-only skill with shipped scripts). Nothing is downloaded or executed from an external URL; scripts are plain Python files intended to be run locally. This is the lowest-risk install posture.
Credentials
The skill declares no required environment variables or credentials. The code optionally respects a WORKSPACE env var for the glossary builder; otherwise it uses user-home ~/.openclaw paths. The scripts operate on local session and cron JSON files only — there are no requests for unrelated secrets or cloud credentials.
Persistence & Privilege
always is false and the skill does not attempt to enable itself, modify other skills, or write to global system configuration. It writes files under the user's ~/.openclaw/workspace/memory/ and ~/.openclaw/cron report locations, which is expected for a local memory/indexing tool. Cron jobs are suggested but not auto-installed.
Assessment
This skill appears to do what it says: convert local OpenClaw session logs into Markdown, build a searchable glossary, and suggest cron-based updates. Before installing/running it, consider the following:
- Review the scripts locally — they read and write files under your home directory (~/.openclaw/...). If your session logs contain very sensitive data (passwords, private keys, personal PII), decide whether you want those written into new Markdown transcripts or included in vector search indexes.
- Note the documentation mismatch: SKILL.md mentions scanning multiple agent folders and a --agent option that session-to-memory.py does not implement. The scripts mainly target ~/.openclaw/agents/main/sessions and ~/.openclaw/workspace/memory; if you have multiple agents, adapt the script or run it per-agent manually.
- The tool does not contact external servers or require credentials, and it does not auto-install cron jobs; you must create cron entries yourself if you want automated runs.
- Test on a copy: run the scripts in a safe test workspace or with a small set of session files (use --new/--force flags where applicable) to verify outputs and truncation behavior meet your privacy expectations.
If you want higher confidence, provide: (1) sample session file paths you use (to confirm the script will find them), or (2) any custom agent layout so we can confirm the script will target the right directories. If the skill claimed networked features or required secrets, that would raise concerns — it does not.Like a lobster shell, security has layers — review code before you run it.
latestvk9748fzk6qq7nmdz4jqzj14vx981pjzd
License
MIT-0
Free to use, modify, and redistribute. No attribution required.