Rune - Self-Improving AI Memory

Review

Audited by ClawScan on May 10, 2026.

Overview

Rune appears to be a legitimate memory tool, but it deserves review because it installs persistent hooks and broad “mandatory” memory-use instructions while the registry under-declares its install behavior.

Install Rune only if you want persistent cross-session AI memory and are comfortable with session hooks and workflow files that encourage automatic recall. Review the install/setup scripts first, prefer local Ollama mode for private data, avoid storing secrets, and make sure the registry/install metadata is corrected or understood before enabling it.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI01: Agent Goal Hijack
What this means

The agent may consult and inject stored memory for unrelated or simple requests, potentially changing answers or exposing old context unnecessarily.

Why it was flagged

The workflow setup writes persistent instructions that make Rune recall mandatory before every response, which is broader than a scoped, user-requested memory lookup.

Skill content

## 🚨 CRITICAL: Memory Usage Is Not Optional ... ### BEFORE Every Response ... # 1. ALWAYS recall relevant context first

Recommendation

Scope the workflow to relevant tasks, make automatic recall clearly opt-in, and provide an easy way to disable or narrow these instructions.

What this means

Users or platform controls may not correctly surface that installing this skill can run scripts, install npm packages, modify workspace files, and add hooks.

Why it was flagged

The package declares executable install/setup scripts even though the supplied registry metadata says there is no install spec and the skill is instruction-only.

Skill content

"script": "./install.sh" ... "script": "./setup-workflow.sh"

Recommendation

Publish accurate registry install metadata and review install.sh/setup-workflow.sh before running them.

Note (High Confidence)
ASI10: Rogue Agents
What this means

The skill can automatically recall context and save session style information after installation.

Why it was flagged

Rune is configured to run automatically at session start and end, creating persistent memory behavior across sessions.

Skill content

"sessionHooks": { "start": "./rune-session-handler.sh start", "end": "./rune-session-handler.sh end" }

Recommendation

Enable the hooks only if you want cross-session memory, and remove or disable them if you prefer manual recall only.

What this means

Personal preferences, project details, decisions, or inaccurate facts may persist and influence future agent responses.

Why it was flagged

The skill stores persistent facts and later injects selected context into agent sessions, which is core to its purpose but sensitive.

Skill content

**SQLite Database**: All memory stored in `~/.openclaw/memory.db`

Recommendation

Do not store secrets, periodically review/delete memory entries, and protect or back up ~/.openclaw/memory.db appropriately.

What this means

If cloud extraction is used, selected content and API usage may be sent to the configured provider and billed to the user’s account.

Why it was flagged

The static scan shows optional provider credential use for cloud LLM features, which matches the documented OpenAI/Anthropic support but is not declared in the registry requirements.

Skill content

const apiKey = process.env.OPENAI_API_KEY;

Recommendation

Use local Ollama mode for private data, set cloud API keys only when needed, and verify which files are processed before running extraction.