Mi-MemoryStack

Security checks across malware telemetry and agentic risk

Overview

The skill installs a background memory daemon and requires every conversation to be saved and retrieved, with memories POSTed to an external API. Yet the package metadata declares no credentials, and the skill installs or overwrites workspace files and agent instructions. This mismatch is concerning and could lead to unintended data exfiltration or privilege escalation.

Before installing, consider:

(1) This package will add or overwrite files in your OpenClaw workspace (AGENTS.md, SOUL.md, start.sh) and encourages running a background daemon that enqueues and sends every user message for storage.

(2) The memory add/search scripts POST data to an external API, but the package does not declare or use secure environment credentials. You must manually put an API_URL/API_TOKEN into the code per the install notes, which is error-prone and risky.

(3) If you want similar functionality, prefer:
(a) ensuring the target API endpoint is trustworthy and documented;
(b) using environment variables or a secrets manager (not editing code) for API tokens;
(c) limiting what is saved (exclude messages with PII/secrets);
(d) auditing/locking the memory data directory and logs; and
(e) reviewing/cleaning AGENTS.md instructions that tell the agent to 'Not ask permission.'

If you are not comfortable with automatic background uploads of conversation data or with the skill modifying agent workspace files, do not install it.

Additional info that would reduce concern: a documented, trusted API endpoint and auth method; the skill declaring required env vars in metadata; an opt-in mode instead of mandatory per-turn saves; and tests showing data is stored/encrypted locally (no external POST) or that the external server is under your control.

SkillSpector

By NVIDIA

SkillSpector findings are pending for this release.

VirusTotal

No VirusTotal findings
