Lovefromio Openclaw Persistent Memory

v1.0.0

Persistent memory system - automatic context capture and semantic search

⭐ 0· 38·0 current·0 all-time

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lovefromio/lovefromio-openclaw-persistent-memory.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Lovefromio Openclaw Persistent Memory" (lovefromio/lovefromio-openclaw-persistent-memory) from ClawHub.
Skill page: https://clawhub.ai/lovefromio/lovefromio-openclaw-persistent-memory
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: openclaw-persistent-memory
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install lovefromio-openclaw-persistent-memory

ClawHub CLI

Package manager switcher

npx clawhub@latest install lovefromio-openclaw-persistent-memory

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill claims to provide a local persistent memory worker and OpenClaw extension, which matches the files and scripts present. However, the SKILL.md and install scripts refer to an npm package named openclaw-persistent-memory and expect a binary named openclaw-persistent-memory, while the included package.json declares a different package name (@openclaw/persistent-memory-skill) and defines a bin named openclaw-mem-skill -> ./scripts/mem-search.sh. This mismatch means the declared required binary may not be created by the packaged npm artifact — an incoherence between claimed capabilities and the artifacts provided.

ℹ

Instruction Scope

Runtime instructions operate on local OpenClaw config (~/.openclaw), install a global npm package, copy extension files into the user's home directory, and start a local worker on 127.0.0.1:37778. Those actions are within scope for a persistent-memory plugin. However, the docs/instructions also recommend piping a remote install script from raw.githubusercontent.com into bash (curl ... | bash), which expands the attack surface by executing remote code without local inspection. The scripts reference environment variable OPENCLAW_MEM_URL (used as WORKER_URL) but that env var is not documented in requires.env — it's optional but should be declared.

Install Mechanism

The declared install mechanism is an npm package (moderate risk). The included INSTALL.md further suggests executing a remote install script via curl -fsSL https://raw.githubusercontent.com/.../install.sh | bash — executing piped remote scripts is high risk even when hosted on GitHub raw because it runs code fetched at install time. In addition, the package.json present inside this skill does not match the npm package name used by the install scripts (possible packaging error), which could lead to unexpected sources being installed or missing files after installation.

✓

Credentials

The skill does not request credentials or config paths. It uses local OpenClaw configuration paths (~/.openclaw) and a local HTTP worker on 127.0.0.1:37778 — appropriate for a local memory plugin. One minor issue: the CLI honors OPENCLAW_MEM_URL if set but this env var is not declared in the skill metadata; no secret-bearing environment variables are required.

✓

Persistence & Privilege

The skill is not force-included (always: false) and is user-invocable. It does not request persistent platform-wide privileges in metadata. Installation and operation modify files under the user's home (~/.openclaw/extensions and ~/.openclaw/openclaw.json) which is expected for an OpenClaw plugin.

What to consider before installing

Recommended precautions before installing: 1) Do not blindly run curl ... | bash. Instead, fetch the install script first, inspect it locally for unexpected network calls or destructive commands, and then run it if it looks safe. 2) Verify the npm package name and contents: run npm view openclaw-persistent-memory and/or install into a disposable environment and inspect the global package folder to confirm it includes the expected extension files (extension/index.ts, openclaw.plugin.json, etc.). The package.json bundled with this skill uses a different name and a different bin; this mismatch could cause missing binaries or install the wrong package. 3) Check which binary is actually provided after installation (openclaw-persistent-memory vs openclaw-mem-skill). If the expected worker binary is missing, do not proceed until the package author clarifies the correct package/binary names. 4) Review the worker source (the npm package repository) before running the worker; confirm it only listens on localhost, does not send data to remote endpoints, and does not attempt to read unrelated files. 5) Backup your ~/.openclaw/openclaw.json and other OpenClaw data before changing configuration. 6) Prefer installing and testing in an isolated environment (VM or container) first. If you need higher assurance, ask the publisher to provide a signed release or an authoritative package name that matches the included package.json. What would change this assessment: if the publisher confirms the correct npm package name and binary mapping and removes the curl|bash recommendation (or you inspect the remote script and it is benign), the inconsistencies would be resolved and the skill would look coherent. Conversely, inability to reconcile the package/bin mismatch or discovery of remote exfiltration code in the worker would increase the severity.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binsopenclaw-persistent-memory

Install

Install OpenClaw Persistent Memory (npm)

Bins: openclaw-persistent-memory

npm i -g openclaw-persistent-memory

latestvk979r992brage5d5d7x716a1x185mfq8

38downloads

0stars

1versions

Updated 1d ago

v1.0.0

MIT-0

OpenClaw Persistent Memory

Persistent memory system that automatically captures context across sessions using SQLite + FTS5.

Features

🧠 Auto-capture - Important observations saved automatically after each response
🔍 Auto-recall - Relevant memories injected before each prompt
💾 SQLite + FTS5 - Fast full-text search across all memories
🛠️ Tools - memory_search, memory_get, memory_store, memory_delete
📊 Progressive disclosure - Token-efficient retrieval

Setup

Install the npm package:

npm install -g openclaw-persistent-memory

Start the worker service:
```
openclaw-persistent-memory start
```

Install the OpenClaw extension:

# Copy extension to OpenClaw extensions directory
cp -r node_modules/openclaw-persistent-memory/extension ~/.openclaw/extensions/openclaw-mem
cd ~/.openclaw/extensions/openclaw-mem && npm install

Configure OpenClaw (in ~/.openclaw/openclaw.json):

{
  "plugins": {
    "slots": {
      "memory": "openclaw-mem"
    },
    "allow": ["openclaw-mem"],
    "entries": {
      "openclaw-mem": {
        "enabled": true,
        "config": {
          "workerUrl": "http://127.0.0.1:37778",
          "autoCapture": true,
          "autoRecall": true
        }
      }
    }
  }
}

Restart OpenClaw gateway

Tools Provided

Tool	Description
`memory_search`	Search memories with natural language
`memory_get`	Get a specific memory by ID
`memory_store`	Save important information
`memory_delete`	Delete a memory by ID

API Endpoints

Worker runs on http://127.0.0.1:37778:

Endpoint	Method	Description
`/api/health`	GET	Health check
`/api/stats`	GET	Database statistics
`/api/search`	POST	Full-text search
`/api/observations`	GET	List recent observations
`/api/observations/:id`	GET	Get observation
`/api/observations/:id`	DELETE	Delete observation
`/api/observations/:id`	PATCH	Update observation

Troubleshooting

Worker not running

curl http://127.0.0.1:37778/api/health
# If fails, restart:
openclaw-persistent-memory start

Auto-recall not working

Check OpenClaw logs: tail ~/.openclaw/logs/*.log | grep openclaw-mem
Verify plugins.slots.memory is set to "openclaw-mem"
Restart gateway after config changes

Comments

Loading comments...