NBJ OB1 Agent Memory for OpenClaw
AdvisoryAudited by Static analysis on May 4, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Past task summaries or recalled memories may influence future answers or actions, so incorrect or overbroad memories could carry forward.
The skill intentionally recalls and stores persistent operational memory, which can shape future agent behavior.
Recall before meaningful work. Write back only compact, provenance-labeled operational memory after the work is complete.
Keep project scoping enabled, review memory before treating it as instruction, and avoid storing secrets, raw transcripts, or private customer data.
Operational memory may be handled by external systems, which affects privacy, retention, and access controls.
The memory workflow depends on external services and an API, so task context and stored summaries may leave the immediate runtime depending on the installed integration.
"services": ["Supabase", "OpenRouter"], "tools": ["OpenClaw", "OB1 Agent Memory API"]
Verify the OB1/OpenClaw integration configuration, provider permissions, retention policy, and which data is sent before using it with sensitive work.
The reviewed skill does not contain executable code, but the real security posture depends on the separately installed memory tools.
The package itself is instruction-only and references separate integrations that were not included in the reviewed artifacts.
It pairs with the [NBJ OB1 Agent Memory for OpenClaw integration](../../integrations/openclaw-agent-memory/) and the runtime-neutral [OB1 Agent Memory API](../../integrations/agent-memory-api/).
Review and install the referenced OB1/OpenClaw integration only from a trusted source, and check its permissions and credential handling separately.