Graph Memory
Security checks across malware telemetry and agentic risk
Overview
Graph Memory is a coherent memory plugin, but it automatically stores conversations, sends derived content to configured AI providers, and reuses memories across sessions, so users should review its data-handling carefully.
Use this only if you are comfortable with a persistent memory engine for your OpenClaw conversations. Before installing, decide whether conversations may contain secrets, choose trusted LLM/embedding endpoints, verify where the SQLite database is stored, and look for a way to clear or scope stored memories.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive details or bad instructions from old conversations could persist and influence future agent behavior across sessions.
This shows automatic persistent storage of all conversation messages and automatic reuse in later prompts.
Message in → ingest ... All messages saved to gm_messages ... turn_index continues from DB max (survives gateway restart) ... Next session → before_prompt_build ... inject into context
Install only if you want persistent cross-session memory; avoid sharing secrets, review the database location, and look for or request clear delete, retention, opt-out, and session-scoping controls.
A chosen provider may receive parts of your conversations or derived memory content.
The plugin sends conversation-derived content to a configured LLM-compatible provider for extraction and summaries.
LLM (`config.llm`) — Required. Used for knowledge extraction and community summaries. Any OpenAI-compatible endpoint works.
Use only trusted providers or local endpoints, check provider retention policies, and avoid putting secrets into conversations that will be ingested.
Misconfigured or overbroad API keys could incur cost or send data to an unintended provider.
The README requires provider credentials or an environment-variable fallback, even though registry metadata declares no primary credential or required env vars.
"apiKey": "your-llm-api-key" ... "apiKey": "your-embedding-api-key" ... falls back to the `ANTHROPIC_API_KEY` environment variable
Use separate least-privilege keys where possible, store them securely, and verify the configured baseURL before enabling the plugin.
Running the installer gives an external binary the ability to modify the local OpenClaw setup.
The optional Windows installer is a downloaded executable that changes local OpenClaw configuration and restarts a service.
Download `graph-memory-installer-win-x64.exe` ... it auto-detects your OpenClaw installation ... configures `plugins.slots.contextEngine`, adds the plugin entry, and restarts the gateway
Prefer the package-manager install path when possible, or verify the release source/signature before running the Windows installer.
