long-term-memory
PassAudited by VirusTotal on May 9, 2026.
Overview
Type: OpenClaw Skill Name: memory-for-openclaw Version: 1.2.0 The skill bundle provides a functional long-term memory system for OpenClaw agents using a local SQLite database with FTS5 full-text search. The core logic in `scripts/memory_engine.py` allows agents to save and retrieve context, decisions, and user preferences locally, while `scripts/setup.py` handles workspace initialization. Although the documentation in `SKILL.md` includes commercial service offerings and a WeChat contact (18923788188), the code contains no evidence of data exfiltration, malicious execution, or unauthorized access; all operations are confined to the local workspace.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Information you share may be saved locally and later affect answers in future sessions, including across projects if not carefully tagged or filtered.
The skill explicitly asks the agent to persist user/project facts and reuse retrieved memories as future context. This is the core feature, but it means stored or stale information can influence later agent behavior.
1. On session start: Run `python3 scripts/memory_engine.py inject "current task"` and use the output as context 2. When user shares important info: Use `remember()` to save it 5. On session end: Summarize key outcomes for next session
Use this only if you want persistent memory. Avoid saving secrets, credentials, or sensitive personal data; add project tags; and ask the publisher to document review, deletion, retention, and exclusion controls.
Running the bundled tests could add someone else's facts, preferences, project details, or stock notes to your memory database, and the agent may later retrieve them as if they were your context.
The test uses the default persistent MemoryStore instead of a temporary test database, then writes hardcoded personal, project, and financial sample memories. If run, these records can pollute the user's real long-term memory.
store = MemoryStore()
store.remember("User: 王总. Workspace: preschool. Feishu communication.", ["user","preference"], 9, "manual", "core")
store.remember("恩华药业002262: 关注21.5买入, 董事长21.34增持, MACD金叉", ["stock","watch"], 7, "manual", "stocks")Do not run the tests against your real workspace. The publisher should change tests to use a temporary database, remove hardcoded personal/financial examples, and provide a cleanup command for demo/test memories.
Installing dependencies may fetch versions or model-related packages that differ over time.
Some dependencies are specified with lower-bound ranges rather than exact pins. This is common for Python projects, but it makes installs less reproducible and can pull newer dependency versions.
sentence-transformers>=2.2.0 numpy>=1.24.0 json5>=0.9.0
Install in a virtual environment, review package sources, and prefer a pinned lockfile before production use.