OpenClaw Universal Memory

Generic Postgres and pgvector memory layer for connector-agnostic data ingestion, incremental sync, and searchable chunk storage with cursor history.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 0 · 514 · 2 current installs · 2 all-time installs

byMarcos Athanasoulis@marcosathanasoulis

MIT-0

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The name/description match the included launcher script: it runs an openclaw_memory CLI to manage pgvector-backed memory and ingestion. However the registry metadata declares no required env vars or binaries, while SKILL.md and the script expect a DATABASE_DSN (or --dsn/--dsn-file) and a locally installed package (pip install -e .). The distributed bundle does not include the package under src/ (only a scripts wrapper), so installing/running as instructed will fail or will depend on code you must obtain separately. Connectors (google/slack/asana/iMessage) are referenced but their credentials and connector code are not included or declared.

Instruction Scope

SKILL.md gives concrete CLI invocations that only interact with a local Postgres DSN; the provided script only spawns the openclaw_memory.cli module (no network calls in the wrapper). But the skill delegates connector work to external connector code (not included), which likely calls external APIs and requires additional credentials/config. The skill also supports configure-dsn which may persist secrets to disk (via underlying CLI), and while the README warns against passing secrets on the command line, the wrapper accepts --dsn and will place it into the subprocess environment—this is potentially mishandled if the underlying CLI writes config files or logs. The instructions are otherwise specific, not overly open-ended.

Install Mechanism

There is no install spec in the registry. SKILL.md instructs the user to run 'pip install -e .' to install the package, but the bundle does not include a pyproject/setup or the package sources under src/ (only a wrapper script and references). That means the instructions require installing code that is not bundled; installation as-is will either fail or pull code from an external source you must obtain separately. This missing packaging makes the skill incoherent and increases risk because behavior depends on external code not provided for review.

Credentials

The skill declares no required environment variables in the registry, yet SKILL.md and the script expect a DATABASE_DSN (default env name DATABASE_DSN) and connectors will require service credentials. The absence of declared env requirements is misleading. The skill recommends least-privilege DB credentials, but provides no enforced mechanism for credential protection (configure-dsn may persist secrets—location unspecified).

✓

Persistence & Privilege

The skill does not request 'always: true' and uses normal agent invocation settings. It does not try to modify other skills or system-wide configuration in the provided wrapper. The only persistence risk is that the underlying CLI (not included) might write DSN/config files; the wrapper forwards --config-path to that CLI, so review where configure-dsn stores secrets before using it.

What to consider before installing

This skill is plausible for providing a Postgres/pgvector memory layer, but the package that actually implements the functionality is not included in the bundle and the registry metadata fails to declare the DATABASE_DSN requirement—do not install or run until you: 1) obtain and review the full Python package (pyproject/setup and src/openclaw_memory) so you can inspect connector implementations and where secrets are stored; 2) provide the database DSN via a secure OS secret store or environment (avoid passing secrets on the command line); 3) use least-privilege DB credentials limited to the um_* tables; 4) verify what configure-dsn does (where it writes config, file permissions, encryption); and 5) audit any connector code before enabling ingestion (connectors will call external APIs and require credentials). If you cannot review the missing package code, treat this skill as untrusted and do not run it against production or sensitive databases.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk97fdsq98tt4e4r0rhdzn6tjzx814t6t

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

OpenClaw Universal Memory

This skill provides a generic memory layer for heterogeneous data:

canonical entity/chunk schema,
connector-style ingestion with cursors,
searchable memory in Postgres.

Use Cases

Normalize records from multiple systems into one schema.
Keep incremental sync history (cursor per connector/account).
Build RAG-ready chunk storage in pgvector.

Prerequisites

Postgres with vector extension.
Local package installed: pip install -e ..
Python dependency for DB I/O:
- pip install "psycopg[binary]>=3.2"
DSN provided via environment variable (DATABASE_DSN by default).

Security Boundaries

Do not pass raw passwords/tokens in command-line arguments.
Prefer OS secret store or process environment injection for DSN.
This skill only reads/writes your configured Postgres database; it does not call external APIs directly.
Use least-privilege DB credentials (SELECT/INSERT/UPDATE/DELETE on um_* tables only).
Review and trust any custom connector before running it.

Responsible Use Caveat

Use this only for accounts/data you legitimately control or are authorized to process.
You are responsible for privacy, retention, and regulatory compliance.
This project is provided under Apache 2.0 without operational warranty.
This implementation is mostly AI-generated code with experienced engineer oversight; validate before production use.

Commands

Store DB credentials once (recommended):

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action configure-dsn

Initialize schema:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action init-schema \
  --dsn-env DATABASE_DSN

Ingest JSON/NDJSON:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action ingest-json \
  --dsn-env DATABASE_DSN \
  --source gmail \
  --account marcos@athanasoulis.net \
  --entity-type email \
  --input /path/to/records.ndjson

Ingest from built-in connectors:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action ingest-connector \
  --connector google \
  --account you@example.com \
  --dsn-env DATABASE_DSN \
  --limit 300

Validate connector auth/config before ingest:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action validate-connector \
  --connector google \
  --account you@example.com \
  --dsn-env DATABASE_DSN \
  --limit 1

Search:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action search \
  --dsn-env DATABASE_DSN \
  --query "Deryk" \
  --limit 20

Recent ingest history:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action events \
  --dsn-env DATABASE_DSN \
  --limit 20

Doctor check:

python skills/openclaw-universal-memory/scripts/run_memory.py \
  --action doctor

Scheduling reference:

docs/SCHEDULING.md (cron examples, 15-minute default, connector toggles)

Connector Contract (for custom adapters)

A connector returns normalized records + next cursor:

external_id
entity_type
title
body_text
raw_json
meta_json
next_cursor

This keeps ingestion generic and supports arbitrary source systems.

Starter connector templates:

src/openclaw_memory/connectors/templates.py

Step-by-step setup guide (Gmail/Slack/Asana/iMessage):

docs/CONNECTOR_SETUP_WALKTHROUGH.md

Community

We welcome connector contributions via PR. See docs/CONNECTOR_CONTRIBUTING.md for required contract, tests, and setup instructions.

Files

3 total

Select a file

Select a file to preview.

Comments

Loading comments…