Mem0 1.0.0
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent Mem0 memory skill, but it persistently stores conversational context and uses an OpenAI API key, so users should review privacy and setup implications.
This skill appears purpose-aligned and not malicious from the provided artifacts. Before installing, be comfortable with persistent memory, OpenAI-backed memory extraction, local storage under ~/.mem0, and the ability to list or delete stored memories when needed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The assistant may remember and reuse personal context across conversations, including preferences, work details, or family context.
The skill intentionally creates persistent memories that can influence later responses. This is purpose-aligned, but incorrect or overly broad stored memories could affect future conversations.
automatically learns and recalls user preferences, patterns, and context across all interactions
Install only if you want persistent memory. Periodically review stored memories and use the delete commands for anything inaccurate or no longer wanted.
Memory operations may use the user's OpenAI account and could incur API usage; conversation content passed for memory extraction is processed by the configured OpenAI provider.
The skill uses the user's OpenAI API key for embeddings and memory extraction, even though the registry metadata lists no required environment variables or primary credential.
apiKey: process.env.OPENAI_API_KEY || ""
Use an appropriate scoped OpenAI key, monitor usage, and avoid storing secrets or highly sensitive information.
The skill depends on the local Node/npm environment and the mem0ai package for its core behavior.
The skill relies on an external npm dependency, and the registry metadata does not declare an install mechanism or required binary despite Node-based scripts.
"dependencies": {
"mem0ai": "^2.2.1"
}Confirm dependencies are installed from trusted sources and prefer using the included lockfile when setting up the package.
If used accidentally, the assistant's stored memory for that user could be erased.
The skill exposes a command that can delete all stored memories for a user. It is clearly documented and purpose-aligned, but it is a destructive memory-management action.
node scripts/mem0-delete.js --all --user=abhay
Use bulk deletion only when intentionally clearing memory, and consider listing memories before deleting them.