Lucid Dreamer
ReviewAudited by ClawScan on May 10, 2026.
Overview
Lucid has a coherent memory-review purpose, but its nightly prompt can automatically edit and commit long-term memory even though the documentation and config say auto-apply is off by default.
Install only if you are comfortable with a scheduled agent reading your memory files. Before enabling cron, verify that auto-apply is truly disabled or intentionally enabled, avoid storing secrets in the notes it reads, and review any automatic memory edits or git commits.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your AI memory could be changed automatically overnight, and future agents may rely on those changes before you review them.
The scheduled agent is instructed to directly modify long-term memory files and commit those changes. The prompt does not clearly condition this on `autoApply.enabled`, despite the shipped config and docs saying auto-apply is disabled by default.
### Step 7: AUTO-APPLY high-confidence safe changes ... Edit the relevant `memory/sections/*.md` file(s) directly when sectioned memory exists; otherwise edit `MEMORY.md` ... `git commit -m "dreamer: auto-apply"`
Require an explicit `autoApply.enabled: true` check before Step 7, and default to report-only behavior unless the user clearly opts in.
A user may install it expecting only suggestions, while the scheduled prompt may make some memory changes automatically.
This framing suggests review-only, user-controlled behavior by default, but the nightly prompt contains an auto-apply workflow that edits and commits memory without a clear default-off gate.
Auto-apply and aggressive cleanup are disabled by default ... Review generated reports before approving suggestions — Lucid proposes changes, but you remain in control
Align the prompt with the safety claims: make auto-apply explicitly opt-in, document exactly when it runs, and show the setting checked at runtime.
A mistaken review could be reinforced later and potentially cause useful memory entries to be removed.
The prompt forbids reading previous generated reviews to prevent circular reasoning, then later allows using a previous review for cleanup. If cleanup is enabled, generated review content could influence future deletions.
### Step 5: NEVER read previous reviews ... Do NOT read any files matching `memory/review/*.md` ... ### Step 7a: Aggressive Cleanup ... Scan Open Loops and Blockers from the previous review (or from MEMORY.md directly)
Do not use previous review files as cleanup inputs; base cleanup only on curated memory plus raw daily notes, and require approval for removals.
The skill may read and update memory files on a schedule without you actively invoking it each time.
The skill is intentionally designed as a scheduled background agent. This is disclosed and purpose-aligned, but users should understand it will operate while unattended.
Create a nightly cron job using OpenClaw's cron tool — run the prompt in `prompts/nightly-review.md` at 3 AM.
Install the cron only if you want unattended operation, keep it in an isolated session, and periodically review or disable the scheduled jobs.
Private notes and user-profile details may be processed by the model and summarized into persistent memory artifacts.
The skill handles personal profile and memory files and stores review state. This is expected for the purpose, but it is sensitive persistent context.
Files read at runtime: `MEMORY.md`, `USER.md`, Last 7 daily notes ... Files written at runtime: `memory/review/YYYY-MM-DD.md`, `memory/review/state.json`
Do not use it on markdown files containing plaintext secrets, and review generated reports and memory changes regularly.