ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Persistent Memory

v3.0.0

Three-layer persistent memory system (Markdown + ChromaDB vectors + NetworkX knowledge graph) for long-term agent recall across sessions. One-command setup w...

0· 1k·7 current·7 all-time
by@jakebot-ops
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code and SKILL.md match the described purpose: parsing workspace markdown, building ChromaDB vectors and a NetworkX graph, and integrating those memories into OpenClaw. The indexer, search, graph, and auto_retrieve scripts implement the three-layer memory, and the configuration script targets OpenClaw memorySearch as promised.
!
Instruction Scope
The runtime instructions tell the user to run a one-command installer (unified_setup.sh) that not only creates a local venv and installs dependencies but also locates and modifies OpenClaw configuration files and attempts to restart OpenClaw. The inline Python used by unified_setup.sh updates ~/.openclaw/openclaw.json or ./openclaw.json directly (without invoking the configure_openclaw.py backup path), which is a system-level change beyond simply adding local memory files. This is in-scope for integrating with OpenClaw but is high-impact and performed without an explicit interactive confirmation or guaranteed backup in the unified path.
Install Mechanism
No registry install spec was provided; setup is performed by the provided shell scripts which create a Python venv and run pip to install pinned packages (sentence-transformers, chromadb, networkx). This is a moderate-risk, expected mechanism for a Python-based tool. Note: running the code will download model weights (sentence-transformers) from external servers at runtime.
Credentials
The skill requests no environment variables or external credentials. It does, however, add many workspace files (SOUL.md, AGENTS.md, IDENTITY.md, USER.md, reference/) to OpenClaw's memorySearch extraPaths — this will expose workspace-local directives and potentially sensitive local files to the memory index. That behavior is coherent with the stated goal but should be reviewed because it broadens what the agent will automatically read/index.
!
Persistence & Privilege
The skill modifies OpenClaw's configuration (a system-wide agent setting) and attempts to restart OpenClaw via the 'openclaw' CLI. The installer path bundled in unified_setup.sh makes these modifications non-interactively (no backup code path is invoked in that inline configure routine). While the action aligns with the skill's function, changing another tool's global config is high-privilege and should be done with explicit user consent and backups.
What to consider before installing
What to do before running this skill: - Inspect the files scripts/configure_openclaw.py and the inline configure code in unified_setup.sh to confirm the exact changes (which extraPaths will be added). - Run configure_openclaw.py with --dry-run first (or run the standalone script instead of unified_setup.sh) to see proposed edits and ensure you have a good backup of ~/.openclaw/openclaw.json. - If you must use unified_setup.sh, run it in a non-production workspace and avoid running as a privileged user; review and commit a backup of your OpenClaw config beforehand. - Be aware the setup will pip-install packages and the sentence-transformers model will download weights from the network; if you have air-gapped or constrained environments, perform installs manually. - Consider removing or excluding sensitive files (IDENTITY.md, USER.md, etc.) from the configured extraPaths if you do not want them indexed by the agent. - If you prefer manual control, run the setup steps one-by-one (create venv, copy scripts, run indexer, then run configure_openclaw.py with --backup) rather than the one-command unified installer.

Like a lobster shell, security has layers — review code before you run it.

chromadbvk97a8yvgavd7gsera5gvqsfjs181dknzknowledge-graphvk97a8yvgavd7gsera5gvqsfjs181dknzlatestvk97435v05f9bqthvgyrqfdp9e181g0r5memoryvk97a8yvgavd7gsera5gvqsfjs181dknzpersistencevk97a8yvgavd7gsera5gvqsfjs181dknzrecallvk97a8yvgavd7gsera5gvqsfjs181dknz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments