虾尊记忆自动管理器
v1.0.0记忆自动主动管理:每15分钟自动扫描对话,发现重要信息自动写入每日memory。解决"主动感知靠自觉经常失效"的问题。 使用场景: - 每次对话结束后自动检查是否有遗漏的重要信息 - 自动记录完成的任务、决策、教训、配置变更 - 增量扫描对话历史,不遗漏不重复 - user + assistant 消息双读,确保...
⭐ 0· 22·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match what the files and SKILL.md implement: a cron-driven scanner that reads session transcripts and writes daily memory files. Requested tools (exec, read, write) and the presence of scripts (memory-scan.py, setup.sh) are proportionate to this goal. No unrelated external services or credentials are requested.
Instruction Scope
SKILL.md and cron messages explicitly instruct running memory-scan.py to read the main session transcript(s) (~/.openclaw/agents/main/sessions/*.jsonl) and to write into ~/.openclaw/workspace/memory/*. That is expected, but it means the skill will persist both user and assistant message contents (up to truncation limits) into durable files — this can capture sensitive data. The instructions also include weekly merging and optional delivery notifications (feishu); those are consistent with the purpose but expand the blast radius (notifications may expose content if channel configuration is broad).
Install Mechanism
No remote downloads or package installs. setup.sh copies local scripts into ~/.openclaw and registers crons via the openclaw CLI. This is a low-risk local install pattern. One minor mismatch: setup.sh attempts a sed replacement of a hardcoded filename GUID that does not appear in memory-scan.py (harmless but may be a leftover).
Credentials
The skill declares no required environment variables or credentials and indeed operates on local filesystem paths. It does read transcripts and writes memory files as expected; no unexplained secrets, API keys, or config paths are requested.
Persistence & Privilege
always is false and the skill is user-invocable (normal). It writes persistent files under ~/.openclaw/workspace/memory and creates cron entries to run periodically, which is expected for this function. Because it persists conversation contents and may send notifications, users should be aware of the ongoing presence and storage of chat data — but the requested privileges are consistent with the stated goal and do not modify other skills or system-wide configs.
Assessment
This skill is coherent with its stated goal, but it persistently reads transcripts and writes user/assistant content to disk. Before installing: (1) review whether you want all transcripts (including potential secrets) saved into ~/.openclaw/workspace/memory; (2) consider file permissions or encryption for that directory; (3) check the cron deliver settings (Feishu/channel) to avoid accidentally posting sensitive summaries to external channels; (4) test the script manually (python3 ~/.openclaw/scripts/memory-scan.py) and inspect the produced files to confirm formatting and redaction behavior; (5) if you need limits, add filters to memory-scan.py to redact tokens/credentials or to skip messages containing sensitive markers. The installer’s sed step references a hardcoded filename GUID that appears unnecessary — verify transcript path configuration after install. Autonomous invocation is allowed by default but is not combined with other red flags here; still monitor first few runs.Like a lobster shell, security has layers — review code before you run it.
automationvk97dc9njcs2g4j6fk08fdvgs8d84xr54latestvk97dc9njcs2g4j6fk08fdvgs8d84xr54memoryvk97dc9njcs2g4j6fk08fdvgs8d84xr54openclawvk97dc9njcs2g4j6fk08fdvgs8d84xr54
License
MIT-0
Free to use, modify, and redistribute. No attribution required.