ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cognee Memory System

v1.0.0

AI知识引擎 - 6行代码实现记忆系统。remember/recall/forget/improve循环,向量+图搜索,支持OpenClaw插件。

0· 71·0 current·0 all-time
bySMS@smseow001

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for smseow001/cognee-memory.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Cognee Memory System" (smseow001/cognee-memory) from ClawHub.
Skill page: https://clawhub.ai/smseow001/cognee-memory
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install cognee-memory

ClawHub CLI

Package manager switcher

npx clawhub@latest install cognee-memory
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a memory engine (vector+graph, remember/recall/forget/improve) and references an LLM API key and an optional Cognee cloud API — these requirements are coherent with a memory/knowledge service. However, the registry metadata declares no required environment variables or credentials, which is inconsistent with the SKILL.md's explicit instructions to export LLM_API_KEY and optional COGNEE_API_KEY.
!
Instruction Scope
The instructions and plugin integration list event hooks (SessionStart, PostToolUse, UserPromptSubmit, PreCompact, SessionEnd) that will capture session prompts, tool outputs and other agent activity and bridge them to a permanent knowledge graph. The SKILL.md does not describe sanitization, retention policy, or what exact data is persisted or sent to Cognee Cloud. That behavior can lead to persistent storage of sensitive content or automated transmission to an external service without additional safeguards.
Install Mechanism
This is an instruction-only skill (no install spec in the registry). The README instructs users to run pip install cognee and npm install @cognee/cognee-openclaw. Those are normal install routes, but because installation will pull third-party packages, users should verify the pip/npm packages and their provenance before installing. Lack of an install spec in the registry means the skill metadata does not constrain or vet what code will be installed.
!
Credentials
The SKILL.md requires LLM_API_KEY (OpenAI or other LLM provider) and optionally COGNEE_API_KEY/COGNEE_SERVICE_URL for cloud usage. Requesting an LLM key and a cloud API key is proportionate for this functionality, but the registry metadata lists no required env vars — that mismatch is a red flag. Also, if the optional Cognee cloud credentials are supplied, that gives an external service the ability to receive and store persisted memories (possibly including sensitive data).
!
Persistence & Privilege
The skill is not force-included (always:false) and does not request system-wide privileges, but the described OpenClaw plugin auto-integration will persist session data into a knowledge graph and can bridge to Cognee Cloud. That persistence is a core feature, but it increases blast radius: agent prompts, tool outputs, and other contextual data can become long-lived outside the user's current session.
What to consider before installing
Before installing: 1) Verify the pip and npm packages (author, downloads, GitHub repo, published owners) to ensure you get the intended code. 2) Treat LLM_API_KEY and COGNEE_API_KEY as sensitive — don't set them in shared CI/hosted environments unless you trust the service. 3) Understand that the OpenClaw plugin will capture prompts, tool outputs, and session events and may persist them to a knowledge graph or Cognee Cloud; confirm retention, access controls, and sanitization policies. 4) If you must keep data private, prefer a local-only deployment (self-hosted Cognee instance or disable cloud integration) and audit the installed package code. 5) Ask the registry/owner to update metadata to list required environment variables and clearly document what the plugin captures and where data is sent. If you cannot verify package provenance or data handling, avoid installing in production or on machines with sensitive data.

Like a lobster shell, security has layers — review code before you run it.

aivk971dzshvaj2j7khpv9361c721850px0cogneevk971dzshvaj2j7khpv9361c721850px0graphvk971dzshvaj2j7khpv9361c721850px0knowledgevk971dzshvaj2j7khpv9361c721850px0latestvk971dzshvaj2j7khpv9361c721850px0memoryvk971dzshvaj2j7khpv9361c721850px0ragvk971dzshvaj2j7khpv9361c721850px0searchvk971dzshvaj2j7khpv9361c721850px0vectorvk971dzshvaj2j7khpv9361c721850px0
71downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
SMS@smseow001
aicogneegraphknowledgelatestmemoryragsearchvector
Download

Cognee Memory System

AI知识引擎 - 6行代码实现记忆系统

官网: https://cognee.ai
GitHub: https://github.com/topoteretes/cognee
安装: pip install cognee
OpenClaw插件: @cognee/cognee-openclaw

核心API

四大操作

操作功能说明
remember存储记忆永久存储到知识图谱
recall查询记忆自动路由最优搜索策略
forget删除记忆删除过时/错误记忆
improve优化学习持续学习提升准确性

快速开始

Python API

import cognee
import asyncio

async def main():
    # 存储到知识图谱
    await cognee.remember("Cognee turns documents into AI memory.")
    
    # 存储到会话缓存(快速)
    await cognee.remember("User prefers detailed explanations.", session_id="chat_1")
    
    # 查询(自动路由)
    results = await cognee.recall("What does Cognee do?")
    for result in results:
        print(result)
    
    # 删除
    await cognee.forget(dataset="main_dataset")

asyncio.run(main())

CLI

cognee-cli remember "Cognee turns documents into AI memory."
cognee-cli recall "What does Cognee do?"
cognee-cli forget --all
cognee-cli -ui  # 打开本地UI

配置

环境变量

# OpenAI API(必需)
export LLM_API_KEY="your-openai-key"

# 或使用其他LLM提供商
# 见: https://docs.cognee.ai/setup-configuration/llm-providers

# Cognee Cloud(可选)
export COGNEE_SERVICE_URL="https://your-instance.cognee.ai"
export COGNEE_API_KEY="ck_..."

使用场景

1. 客服Agent

用户:"我的发票有问题还没解决"
Cognee追踪:历史交互、失败操作、已解决案例、产品历史
Agent回复:"找到2个上月类似计费案例已解决,问题由支付系统同步延迟导致"

2. SQL Copilot(知识蒸馏)

用户:"如何计算客户留存率?"
Cognee追踪:专家SQL查询、工作流模式、schema结构、成功实现
Agent回复:"高级分析师解决了类似留存查询,这是他们的方案..."

3. 跨会话记忆

# Session 1
await cognee.remember("用户喜欢详细的解释", session_id="user_123")

# Session 2(跨会话查询)
results = await cognee.recall("用户偏好什么?", session_id="user_123")

OpenClaw插件安装

npm install @cognee/cognee-openclaw

插件自动集成:

  • SessionStart → 初始化记忆
  • PostToolUse → 捕获行动
  • UserPromptSubmit → 注入相关上下文
  • PreCompact → 跨上下文保留记忆
  • SessionEnd → 桥接到永久知识图谱

vs 其他记忆系统

功能我们现有Cognee
存储方式文件向量+图双存储
搜索方式关键词语义+关系
学习能力forget+improve
跨Agent不支持共享知识图谱
可视化CLI UI

部署选项

平台说明
Cognee Cloud托管服务
Modal无服务器,GPU自动扩展
Railway简化PaaS
Fly.io边缘部署
Render简单PaaS

示例代码

完整记忆循环

import cognee
import asyncio

async def memory_loop():
    # 1. 学习新知识
    await cognee.remember("用户正在学习Python编程")
    await cognee.remember("用户偏好边做边学的教学方式")
    
    # 2. 查询相关记忆
    results = await cognee.recall("用户的学习偏好是什么?")
    
    # 3. 根据反馈改进
    await cognee.improve("纠正对用户偏好的错误理解")
    
    # 4. 忘记错误记忆
    await cognee.forget("错误的假设")

asyncio.run(memory_loop())

安装状态

  • Python包:✅ 已安装 cognee
  • OpenClaw插件:需额外安装 @cognee/cognee-openclaw

Powered by Cognee | https://cognee.ai

Comments

Loading comments...