Install memex — cross-AI memory
WarnAudited by ClawScan on May 16, 2026.
Overview
This skill is transparent about installing local cross-AI memory, but it creates a persistent index of private conversations and notes and uses a remote installer, so users should review it carefully before approving.
Only install this if you truly want a persistent, local, cross-agent memory of your AI conversations and related sources. Before approving the curl installer or daemon, inspect the script, understand which folders will be indexed, confirm how to disable or delete the memory database, and connect only trusted MCP clients.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private AI chats, notes, and chat exports may be stored verbatim and resurfaced in future sessions, including contexts where the user did not expect older material to influence the agent.
The skill explicitly creates a broad, persistent memory corpus from private conversations and other local sources, then makes it reusable by agents.
captures the user's AI conversations across Claude Code, Cowork (including subagents), Cursor, Obsidian, and Telegram exports into a searchable SQLite + FTS5 index that any MCP-compatible agent can query
Install only if you want this broad memory behavior. Before approving, check whether memex supports source exclusions, deletion/retention controls, and a way to disable auto-context injection.
A client or agent connected to memex may be able to retrieve history originally produced in other tools, projects, or contexts.
The shared MCP corpus can be queried by multiple clients, but the artifacts do not describe per-client permissions or boundaries.
Any MCP-compatible agent can then query that corpus through 18 standard tools
Use this only with agents and MCP clients you trust, and look for access-control or per-source scoping options before connecting additional clients.
Memex may keep indexing new conversations or exports automatically after install, including across reboots or logins.
The install creates persistent background behavior that continues watching private local directories after the original installation task.
`memex-sync install` (LaunchAgent) | Registers a macOS LaunchAgent so memex daemon auto-starts on login. ... watches `~/.claude/projects/`, `~/Downloads/Telegram Desktop/`, etc.
Confirm that you want the daemon before approving `memex-sync install`, and ask for uninstall/disable instructions if you only want manual indexing.
Approving the one-liner trusts the remote script and npm package to modify local configs, install a daemon, and index local data.
The default path runs a hosted shell script whose contents are not included in the submitted skill artifacts, and that script performs high-impact local setup.
`curl -fsSL https://memex.parallelclaw.ai/install.sh | bash` | Fast-path installer
Inspect the installer first, prefer pinned package versions where possible, and only run it from a trusted network and source.
Using sudo for npm can change system-level Node package locations and increases the impact of a compromised package or installer.
The skill may ask for administrator-level npm installation in one recovery path, though it discloses that this is optional and not the default.
`sudo npm install -g memex-mvp` | Offered as Plan A on EACCES if user explicitly wants quick ... Skill never runs sudo without explicit user "yes".
Prefer the documented no-sudo npm prefix fix unless you specifically understand and accept the admin-level install.
A user might over-assume that every step is offline, even though installation requires downloading code and packages.
The local-first privacy claim is central to the pitch; the same artifacts also disclose network-dependent install steps, so users should read the claim with those exceptions in mind.
No cloud. No account. No data leaves your machine.
Treat the privacy claim as applying to the intended memex runtime, not to installer downloads; review any optional URL-saving or proxy behavior separately.