ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

pensieve-algorand

Long-term episodic memory for OpenClaw with append-only hash-chained local layers, daily dream-cycle consolidation, AES-GCM encrypted Algorand anchoring, and...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
2 · 371 · 1 current installs · 1 all-time installs
by@pitertxus
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (encrypted Algorand anchoring of local memory) match the requested capabilities: algosdk and cryptography are required, and the server requires an Algorand wallet + AES key. There are no unrelated credentials or unexpected binaries requested.
Instruction Scope
SKILL.md instructs running server.py as an MCP server and to provide ALGORAND_WALLET_MNEMONIC and ALGORAND_NOTE_KEY_HEX in env vars. It documents append-only paths, encrypt-before-anchor rules, and validation steps. The server reads workspace paths and optional local .secrets fallbacks (explicitly documented as local-dev only). This is in-scope for the stated functionality, but you must be aware the runtime will read secret env vars or fallback files and will sign/send transactions to the Algorand network.
Install Mechanism
No opaque download/install is embedded. The repo lists standard Python packages (mcp, algosdk, cryptography) and SKILL.md instructs pip install of those packages — a normal, traceable install mechanism for a Python MCP server.
Credentials
Required secrets (mnemonic, AES key) are proportional to the functionality (blockchain anchoring + encryption). The skill does not request unrelated tokens or extra credentials. It also allows (documented) local file fallbacks; those are reasonable for development but increase risk if misused.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent platform-wide privileges or modify other skills. It exposes MCP tools as intended for this use case.
Assessment
This skill appears to do what it says: it will read a wallet mnemonic and an AES key (from env vars or local .secrets files) to encrypt and anchor your local memory to the Algorand blockchain. Before installing: (1) review server.py yourself or run it in an isolated environment; (2) use a dedicated low-balance anchoring wallet (do not reuse your main ops wallet) and rotate/delete that wallet if you stop using the skill; (3) prefer env vars over local fallback files and secure them (chmod 700/.secrets); (4) run pensieve_anchor in dry-run mode and pensieve_validate to confirm expected behavior; (5) confirm logs never contain mnemonic/key (the project states this, but verify). If you cannot review the code, treat the mnemonic as highly sensitive and consider running only in a sandbox or using a temporary wallet.

Like a lobster shell, security has layers — review code before you run it.

Current versionv3.0.0
Download zip
latestvk975rnk9p3qy80betyc97jv8yn82x7fr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

OpenClaw Memory Pensieve v3.0.0

MCP server

All functionality is in one file: server.py.

Register it in Claude Code settings:

{
  "mcpServers": {
    "pensieve": {
      "command": "python3",
      "args": ["/path/to/server.py"],
      "env": {
        "OPENCLAW_WORKSPACE": "/path/to/workspace",
        "ALGORAND_WALLET_ADDRESS": "<address>",
        "ALGORAND_WALLET_MNEMONIC": "<25-word mnemonic>",
        "ALGORAND_NOTE_KEY_HEX": "<64 hex chars = 32 bytes>",
        "ALGORAND_ALGOD_URL": "https://mainnet-api.algonode.cloud",
        "ALGORAND_INDEXER_URL": "https://mainnet-idx.algonode.cloud"
      }
    }
  }
}

Install dependencies (one-time):

pip install mcp algosdk cryptography

Tools

ToolPurpose
pensieve_captureAppend an event to the hash-chained ledger (deduplicates by content)
pensieve_dream_cyclePromote 24 h recurring patterns into semantic / procedural / self_model
pensieve_anchorEncrypt + anchor today's memory to Algorand (idempotent, auto-chunks)
pensieve_validateRun v2.1 hardening: chain integrity, decrypt, parity, chunk hashes
pensieve_recoverReconstruct memory from blockchain for a given date
pensieve_statusLayer counts, chain tip, last anchor date, today's cost estimate

Daily workflow

  1. Capture events throughout the day with pensieve_capture.
  2. At end-of-day, run pensieve_dream_cycle to consolidate patterns.
  3. Run pensieve_anchor to encrypt and commit to Algorand.
  4. Run pensieve_validate — only trust recovery claims when ok=true.

Mandatory operational rules

  • All *.jsonl files are append-only. Never rewrite or delete lines.
  • Secrets stay in env vars (or .secrets/). Never print them in chat.
  • Anchor encrypted payloads only — never plaintext memory.
  • Treat pensieve_validate failures as blocking for disaster-recovery claims.

Security

Sensitive values are read from environment variables at runtime:

  • ALGORAND_WALLET_MNEMONIC — never logged, never written to disk by the server.
  • ALGORAND_NOTE_KEY_HEX — 64 hex chars (32-byte AES key).

Fallback to .secrets/algorand-wallet-nox.json and .secrets/algorand-note-key.bin is supported for local development only. Prefer env vars in all deployments.

Use a dedicated low-balance anchoring wallet. Fund it with enough ALGO for your expected daily TX volume (see cost model in server.py module docstring). Never reuse the main OpenClaw operations wallet for anchoring.

Recovery

# Recover and inspect
pensieve_recover(date="2026-03-14")

# Recover and write files to memory/recovered/
pensieve_recover(date="2026-03-14", restore=True)

Architecture reference

See references/architecture.md for memory layer model and integrity guarantees. See references/hardening-v21.md for the v2.1 pass/fail contract.

Files

7 total
Select a file
Select a file to preview.

Comments

Loading comments…