Ultra Memory

This skill appears to do what it says: keep persistent, searchable records of agent activity. Before you install or enable it widely, consider the following: - Review the scripts (especially scripts/log_op.py, scripts/recall.py, scripts/init.py, and platform/server.py) to confirm how they redact or filter sensitive content. The SKILL.md mentions redaction, but defaults/configuration determine whether secrets are actually removed. - Run it in an isolated/sandbox environment first to observe what it logs (ops.jsonl, knowledge_base.jsonl, user_profile.json). Check for accidental capture of API keys, tokens, file contents, or other secrets. - Set ULTRA_MEMORY_HOME to a location you control and set file permissions (chmod 700) so only you can read the memory store. Regularly inspect/rotate or delete stored sessions if needed. - Disable or avoid enabling networked/shared storage options (S3, team NAS) unless you understand the consequences and add proper access controls and encryption. - If you use automatic hooks (clawbot_hook.yaml, post_tool_call), be aware they will log without additional prompts — consider narrowing the hooks, skipping certain op_types, or adding skip_paths for sensitive directories (e.g., ~/.ssh, /etc) - Add/verify sensitive_patterns in config.json to redact patterns used by your org (API keys, internal tokens, etc.). Don't rely solely on generic patterns. - Do not run the REST server bound to 0.0.0.0 or otherwise expose it publicly without network-level authentication/firewalls. If you want a stronger safety posture before adoption: audit the redaction implementation in the code, disable auto-logging hooks, and limit the skill to local-only operation with strict directory permissions. If you want, I can scan specific scripts (e.g., log_op.py, extract_entities.py) for their redaction logic and exact file I/O behavior — that would raise confidence in this assessment.