ClawHub

Jackal Skill

Sovereign, recoverable memory for AI agents backed by Jackal decentralized storage.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 222 · 0 current installs · 0 all-time installs
by@Regan-Milne
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description ask for a networked memory store; the skill requires a JACKAL_MEMORY_API_KEY and the client.py contacts the declared BASE_URL to save/load data. The env var and endpoints align with the stated purpose.
Instruction Scope
SKILL.md and client.py keep scope to storing and retrieving encrypted blobs. The client enforces client-side AES-256-GCM encryption before network transmission. Note: the client auto-generates and writes an encryption key to ~/.config/jackal-memory/key and prints it to stderr (one-time message); copying that key between machines as instructed can leak the key if not done carefully.
Install Mechanism
No install spec / no archive downloads. The only declared dependency is the cryptography Python package (pip install cryptography), which is appropriate for local AES-GCM encryption. The package choice and lack of external installers are proportionate.
Credentials
Only JACKAL_MEMORY_API_KEY is required (with an optional JACKAL_MEMORY_ENCRYPTION_KEY override). These env vars are directly relevant to the described service; no unrelated credentials or system paths are requested.
Persistence & Privilege
The skill is not always-loaded and can be invoked by the user. It writes its own key file under the user's ~/.config/jackal-memory directory (expected for this use) and does not request broader system or other-skill configuration access.
Assessment
This skill appears internally coherent, but you should verify you trust the remote service before use. Practical precautions: (1) confirm the BASE_URL/host is legitimate (the bundle points to a railway.app deployment with no other homepage or owner info); (2) treat the encryption key as highly sensitive—do not paste it into chats or public logs and be careful when copying it between machines since the client prints it and writes it to disk; (3) consider auditing the remote service or self-hosting if you plan to store sensitive secrets in memory; (4) running the client will make outbound requests to the stated URL using your API key—only proceed if you trust that endpoint.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk97efsdqnwcsryzdcrw3j55hph821xyq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvJACKAL_MEMORY_API_KEY

SKILL.md

Jackal Memory

Persist your memory across sessions and machines. Your data lives on Jackal Protocol decentralized storage — not on any single machine. If the machine dies, your memory survives.

All content is encrypted client-side with AES-256-GCM before leaving your machine. The server never sees plaintext.

Setup

  1. Get an API key: https://web-production-5cce7.up.railway.app/auth/login
  2. Set environment variable: JACKAL_MEMORY_API_KEY=<your-key>
  3. Install dependency: pip install cryptography
  4. On first save, an encryption key is auto-generated and saved to ~/.config/jackal-memory/key. To use the same key on other machines, copy it: 
    python {baseDir}/jackal-memory/client.py keygen
    Set JACKAL_MEMORY_ENCRYPTION_KEY=<your-key> — this takes priority over the key file.

Base URL

https://web-production-5cce7.up.railway.app

Auth

Authorization: Bearer $JACKAL_MEMORY_API_KEY

Usage

On session start — restore memory:

python {baseDir}/jackal-memory/client.py load <key>

On session end — save memory:

python {baseDir}/jackal-memory/client.py save <key> <content>

Check storage usage:

python {baseDir}/jackal-memory/client.py usage

Or call the API directly:

GET  /load/{key}
POST /save       {"key": "...", "content": "..."}
GET  /usage

Behaviour guidelines

  • Load your identity/memory blob on startup before doing any work
  • Write locally during the session as normal
  • Call save at session end or on significant state changes
  • Use descriptive keys: identity, session-2026-02-26, project-jackal
  • Never log or expose JACKAL_MEMORY_API_KEY in output
  • Never log or expose JACKAL_MEMORY_ENCRYPTION_KEY in output

Security

  • All content is encrypted before leaving your machine — the server cannot read your memories
  • Never paste API keys or encryption keys into chat logs
  • Back up your encryption key: python {baseDir}/jackal-memory/client.py keygen
  • Treat memory content as sensitive — it may contain credentials or personal data

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…