Memory Extraction

Review

Audited by ClawScan on May 10, 2026.

Overview

This memory skill is purpose-aligned, but it asks the agent to automatically store broad personal and relationship details in persistent memory without clear consent, retention, or deletion controls.

Review this skill carefully before installing. It is not showing exfiltration or destructive behavior, but it is designed to build persistent memory from conversations, including sensitive personal and relationship details. Only use it if you want that behavior and can review, correct, and delete saved memories.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private or inaccurate details about the user and their relationships could be saved and reused in later conversations.

Why it was flagged

The skill directs the agent to persist broad sensitive personal and social information, but the artifacts do not define consent, review, retention, deletion, or correction controls.

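Skill content

Proactively identify and record the following types of information:
- Basic Identity: age, gender, location, occupation, education ...
- Relationships: interpersonal relationships (within 3 degrees)

Recommendation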

Use only with explicit opt-in memory behavior, require confirmation before saving sensitive facts, and provide an easy way to inspect, edit, and delete stored memory.

What this means

The agent may save assumptions or sensitive facts without the user noticing, affecting future answers and behavior.

Why it was flagged

The instructions make persistent memory mutation an automatic workflow and do not specify user approval or preview before creating entities, relations, or observations.

Skill content

Identify new information → extract Entity/Relation/Observation → write to the knowledge graph (create_entities / create_relations / add_observations)

Recommendation

Require the agent to show proposed memory changes and get user approval before writing them, especially for identity, contact, location, health, financial, or relationship data.

What this means

If a separate helper script is supplied later, its behavior could differ from the reviewed instruction-only package.

Why it was flagged

The skill references a helper manager file, while the supplied package contains only SKILL.md and _meta.json, so that implementation cannot be reviewed from the provided artifacts.

Skill content

- Manager: `scripts/knowledge_graph_manager.py`

Recommendation

Verify any referenced helper files or MCP memory server implementation before granting write access to persistent memory.