ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Memory Kit 2.1.0

v1.0.0

Structured episodic/semantic/procedural memory framework for agents.

0· 198·1 current·1 all-time
by@durtydhiana

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for durtydhiana/agent-memory-kit-2-1-0.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Agent Memory Kit 2.1.0" (durtydhiana/agent-memory-kit-2-1-0) from ClawHub.
Skill page: https://clawhub.ai/durtydhiana/agent-memory-kit-2-1-0
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install agent-memory-kit-2-1-0

ClawHub CLI

Package manager switcher

npx clawhub@latest install agent-memory-kit-2-1-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims a file-based memory framework and includes many markdown templates plus two shell scripts (search implementation and a compaction checker), which is coherent for the stated purpose. However documentation repeatedly references a bin/memory-search CLI and a bin/memory-search entrypoint (and recommends adding it to PATH), but the provided file manifest does not include a bin/memory-search executable — only lib/search.sh is present. That mismatch (docs expect an executable wrapper that isn't present) is unexplained and worth verifying.
!
Instruction Scope
SKILL.md runtime instructions are limited to copying templates into memory/ and updating the wake routine — reasonable. But other included docs instruct operations beyond simple file copying: (a) run `git pull origin main` inside the skill directory (network operation and remote code retrieval), (b) add token checks referencing an endpoint '/status' (no host specified), and (c) recommend adding CLI to PATH by editing shell rc files. The '/status' check is vague and could cause an agent to query an internal or external service without clear justification. These instructions grant discretion to run networked operations and to modify user shell config; that scope creep should be audited.
Install Mechanism
There is no formal install spec (instruction-only), which reduces immediate installer risk. The package includes shell scripts (lib/search.sh and helpers/check-compaction.sh) that will be placed on disk if the user copies them. Documentation suggests cloning/pulling from GitHub and making scripts executable — benign for typical open-source tooling but introduces remote code pull risks if used without verification. No third-party binary downloads or extract-from-URL installs are declared.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The requested filesystem access (copying templates into memory/, editing shell rc to add PATH) is proportionate to a file-based memory system. There are no explicit requests for secrets or unrelated credentials.
Persistence & Privilege
Skill flags show always:false and default autonomy behavior; nothing requests forced always-on presence or modification of other skills' configs. The docs do instruct adding an entry to your wake routine and editing shell rc to add the CLI to PATH — normal for a local CLI tool but worth noting because it modifies user shell startup files.
What to consider before installing
What to check before installing or running this kit: 1) Verify the executable: the docs reference bin/memory-search but the manifest lacks that file. Inspect lib/search.sh and any bin wrapper expected by the docs. Do not run any 'memory-search' commands until you confirm which file is the CLI and that it is the intended code. 2) Inspect the scripts for network or remote-exec calls: open helpers/check-compaction.sh and lib/search.sh and grep for 'curl', 'wget', 'nc', 'ssh', 'scp', 'git', 'http', 'https', 'localhost', '127.0.0.1' or other external endpoints. The docs mention checking '/status' — find out what that refers to and whether the script will call an external service. 3) Avoid blindly running 'git pull' from an origin you don't control. If you clone from the public GitHub URL in README, verify the repository and its commit history first. Never run 'git pull' inside a skill directory from an unknown remote without review. 4) Backup your shell rc files before modifying PATH: the install docs recommend editing ~/.bashrc or ~/.zshrc. Save a copy and prefer adding an explicit alias or running the script via full path until you're confident. 5) Run locally in a sandbox first: test in an isolated environment (throwaway VM or container) to confirm behavior, especially compaction checks and any scripts that alter files or make network calls. 6) If you accept the kit, make the scripts executable yourself (chmod +x) and read them line-by-line. Look out for commands that write to locations outside the skill folder or that send data off-host. If you want, I can (a) scan the contents of helpers/check-compaction.sh and lib/search.sh for suspicious calls and summarize any network or destructive operations, or (b) produce a safe step-by-step sandbox install checklist you can follow.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c3st60r8s9nf0s320z0s34h8347b6
198downloads
0stars
1versions
Updated 23h ago
v1.0.0
MIT-0
@durtydhiana
latest
Download

Agent Memory Kit

Type: Practice / Framework Dependencies: None (markdown only)

Description

A structured memory system for AI agents. Prevents the "forgot how to do things" problem by separating memory into episodic (what happened), semantic (what I know), and procedural (how to do things) layers.

Installation

# Create memory folder structure
mkdir -p memory/procedures

# Copy templates
cp templates/ARCHITECTURE.md memory/
cp templates/feedback.md memory/
cp templates/procedure-template.md memory/procedures/

Usage

  1. Read README.md to understand the system
  2. Add memory loading to your wake routine (AGENTS.md)
  3. Use templates when logging events, creating procedures, tracking feedback

Files

FilePurpose
README.mdFull documentation
templates/ARCHITECTURE.mdMemory system overview (copy to memory/)
templates/feedback.mdSuccess/failure tracking template
templates/procedure-template.mdHow-to document template
templates/daily-template.mdDaily log template
templates/compaction-survival.mdNEW: Pre-compaction flush guide
templates/context-snapshot-template.mdNEW: Quick context save template
helpers/check-compaction.shNEW: Token limit checker

Key Concepts

  • Episodic memory: Daily logs of WHAT happened
  • Semantic memory: Curated knowledge (MEMORY.md)
  • Procedural memory: HOW to do things
  • Feedback loops: Learn from success/failure

The Rule

Always capture the HOW, not just the WHAT. Future-you needs the steps.

Comments

Loading comments...