ClawHub

Memory Oracle

v1.0.2

Persistent structured memory system for OpenClaw agents with SQLite storage, hybrid search (FTS5 + decay scoring), rule-based capture, LLM-powered daily refl...

0· 76·0 current·0 all-time
byOleg@oleglegegg
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (persistent structured memory with SQLite, FTS5, capture/recall, nightly reflection) match the included scripts (capture.py, recall.py, init_db.py, consolidate.py, reflect.py, maintenance.py) and config. Optional ANTHROPIC_API_KEY for HEAVY (LLM) work is consistent with the stated nightly consolidation/reflect steps.
Instruction Scope
SKILL.md and the agent protocol instruct the agent to run recall before replies and capture after replies, and to checkpoint SESSION-STATE.md on compaction — this legitimately requires reading/writing local files (MEMORY.md, SESSION-STATE.md, daily logs) and the SQLite DB. That behavior aligns with the purpose but means the skill will ingest and persist potentially sensitive conversation contents locally; the HEAVY pipeline also sends selected daily logs to Anthropic when the API key is provided (explicitly documented).
Install Mechanism
There is no opaque remote installer: the repo contains install.sh/uninstall.sh and pure-Python scripts. install.sh initializes the DB, imports existing MEMORY.md, and optionally writes a nightly cron job. No downloads from untrusted URLs or archive extraction are present in the provided files. Installation modifies user crontab and filesystem under the user's workspace (expected for this functionality).
Credentials
Only one optional credential is referenced: ANTHROPIC_API_KEY for the HEAVY pipeline which uses an external LLM (Claude). That is proportionate to the declared functionality. There are no other unrelated secret env vars requested. Be aware that using the HEAVY pipeline means some memory text will be sent to an external LLM service (user-controlled by providing the key).
Persistence & Privilege
always:false, user-invocable:true, and model invocation is permitted (normal). The installer optionally writes a nightly cron job under the user's crontab (user-level persistence only). The skill does not request system-wide privileges or modify other skills' configs automatically; it prints snippets for manual AGENTS.md / compaction edits.
Assessment
This skill appears to implement what it claims: a local SQLite-backed memory system with rule-based capture and optional LLM-powered nightly reflection. Before installing, consider: - Sensitive data exposure: The LIGHT path (capture/recall) runs locally and stores conversation content in a SQLite DB and daily logs. If you store sensitive PII, API keys, or secrets in conversation or session files, those will be recorded. Decide whether you want those saved and adjust settings (paths, delete/retention thresholds) accordingly. - External LLM use is explicit: The HEAVY pipeline (consolidate/reflect) will send daily logs / memory content to Anthropic/Claude if you set ANTHROPIC_API_KEY. If you do not want any data sent to an external LLM, do not set the key and/or skip cron setup (the LIGHT features still work). - Cron and secrets: The installer can add a nightly cron job. If you put an API key directly into a crontab entry or otherwise make it visible in system config, that can expose the key to other local users/processes—prefer storing the key in a secure file or environment management mechanism and double-check what gets written into your crontab. - Backups & cleanup: The installer/backups appear to be conservative (it creates a pre-oracle MEMORY.md backup and the uninstaller exports state). Review the printed AGENTS.md and compaction snippets before pasting them into your agent config. - Code quality notes: Some helper functions in the sample (e.g., utcnow()) and truncated examples in the provided evaluation snippet look buggy or incomplete; that is not evidence of malicious intent but you should run tests (tests/*) and review scripts in a safe environment before enabling cron/HEAVY tasks on a production agent. If you are comfortable with local persistence of conversation history and optionally sending condensed daily summaries to Anthropic, this skill is coherent with its stated purpose. If you want to avoid any remote transmission, skip providing ANTHROPIC_API_KEY and skip cron installation (run HEAVY tasks manually if needed).

Like a lobster shell, security has layers — review code before you run it.

latestvk9716esr9dyg29ff7pnztp5ghh83gk5x

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments