Faya Session Memory
PassAudited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill Name: faya-session-memory Version: 1.0.0 The OpenClaw AgentSkills skill bundle 'faya-session-memory' is designed to enhance an AI agent's long-term memory by converting session transcripts to searchable Markdown, building a glossary, and setting up cron jobs for continuous indexing. All file operations in `scripts/build-glossary.py`, `scripts/cron-optimizer.py`, and `scripts/session-to-memory.py` are confined to the OpenClaw workspace or user home directory, specifically targeting session logs and memory files. The `SKILL.md` instructions guide the agent to set up cron jobs and use a 'Cron Memory Optimizer' to suggest memory-enhancing preambles for existing cron job prompts, which is a transparent self-improvement mechanism for the agent, not a malicious prompt injection. There is no evidence of data exfiltration, unauthorized remote execution, persistence mechanisms beyond the stated cron jobs, or obfuscation. The code and instructions are aligned with the stated purpose and lack any indicators of intentional harmful behavior.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private conversations, names, decisions, file paths, or secrets from old sessions may be retained and resurfaced in later tasks.
The skill is designed to copy broad historical session content into persistent files that future memory search can retrieve and reuse.
Layer 3: memory/sessions/ — Full session transcripts as searchable Markdown ... automatically vectorized by OpenClaw's memory search ... scans all JSONL session logs in ~/.openclaw/agents/*/sessions/
Use explicit path/session allowlists, secret/PII redaction, retention and deletion controls, and manual review before enabling broad or automatic indexing.
Future memory recall may misidentify the user or import unrelated personal context into conversations.
Every persisted user message is labeled with the hardcoded name `Dirk`, regardless of the actual user.
elif role == "user": ... lines.append(f"**Dirk:** {content}")Replace the hardcoded name with a neutral label such as `User`, or make the name an explicit user-configured setting.
The generated memory glossary can contain unrelated identities or false matches, poisoning search results and long-term context.
The glossary builder ships with pre-populated, non-generic people and project definitions instead of an empty or user-supplied entity list.
KNOWN_PEOPLE = { "annika": "Annika Reiß ...", "wolf": "Wolf ...", "tony": "Tony Robbins ..." }Remove the bundled defaults, use placeholder examples only in documentation, and require each user to configure their own entity list.
Once configured, the memory system can continue accumulating private session data without the user noticing each run.
The background behavior is disclosed and user-created, but it keeps indexing session history on an ongoing schedule.
Create two cron jobs ... Session sync + glossary rebuild (every 4-6 hours) ... Run `python3 scripts/session-to-memory.py --new`
Only create the cron jobs after reviewing the scripts, document how to disable them, and periodically audit generated memory files.
It is harder to verify maintainership, updates, or intended defaults before running the scripts on private data.
The artifacts do not provide a public source or homepage for provenance, which matters because the scripts process sensitive local session history.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Verify the publisher and review the included scripts locally before running them against real session logs.