memory-latch
v1.0.2Detect and recover from context resets, memory/index outages, and cache clears with deterministic, trust-preserving reconstruction. Use when continuity break...
⭐ 0· 97·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the runtime instructions: the skill focuses on local recovery, manifests, checksums, locking, and consent tokens. Required capabilities are proportionate to the stated goal. Note: advanced modes (hmac, wallet) are optional and require external secret/signer configuration that is not further specified in the skill metadata.
Instruction Scope
SKILL.md confines operations to a workspace-local .memory-latch directory, describes explicit path safety checks, symlink rejection, and atomic write behaviour. It explicitly states default local-only/no-network behaviour and prohibits storing raw secrets in the manifest. The only scope ambiguity is the 'pre-configured secret storage' and 'wallet mode' mentioned as opt-in without details on how those are supplied or accessed.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by an installer. This is the lowest-risk install posture.
Credentials
No environment variables, credentials, or config paths are required by default, which is proportional. Optional HMAC/wallet modes would need secrets/signers, but those are explicitly opt-in; the skill does not declare how such secrets would be provided (no env vars listed), so users should not enable those modes unless they understand and control the secret storage mechanism.
Persistence & Privilege
always:false (no forced inclusion). The skill instructs writing to workspace (.memory-latch/_manifest.md, tokens.json) and requires writable filesystem semantics (atomic rename, fsync). Autonomous invocation is allowed by default on the platform, which is expected; there is no request to modify other skills or system-wide agent configs.
Assessment
This skill appears internally consistent and constrained to the agent workspace: it will create and manage .memory-latch/_manifest.md, a lock file, and tokens.json, enforce path/symlink safety, and operate in a fail-closed way. Before installing: (1) ensure the agent runs in a sandboxed workspace you control (so manifest/tokens stay local), (2) confirm filesystem semantics (atomic rename, fsync) are supported, (3) do NOT enable HMAC/wallet modes unless you explicitly configure a secret signer store and understand where those secrets live, and (4) test recoveries in a non-production environment to verify behavior. Confidence is medium because this is an instruction-only skill (no runtime code to inspect); if you need higher assurance, ask the publisher for details about how optional secret/wallet integrations are intended to be wired and audited.Like a lobster shell, security has layers — review code before you run it.
agent continuityvk9773z3r6adv86jhm6c13mw8b583af42consent gatevk974mqss64nh5xkga0jp6dbvxh83b5w7context resetvk9773z3r6adv86jhm6c13mw8b583af42fail closedvk9773z3r6adv86jhm6c13mw8b583af42latestvk9773z3r6adv86jhm6c13mw8b583af42lost contextvk9773z3r6adv86jhm6c13mw8b583af42memory recoveryvk9773z3r6adv86jhm6c13mw8b583af42self-learningvk9773z3r6adv86jhm6c13mw8b583af42state recoveryvk9773z3r6adv86jhm6c13mw8b583af42
License
MIT-0
Free to use, modify, and redistribute. No attribution required.