Session Memory & Summarization
v0.2.0
Automatically loads recent conversation memory into new sessions and generates AI summaries during compaction to maintain continuity across conversations. Pr...
by Thomas Alcala Schneider @thomasmarcel
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (session continuity + summarization) match the included handlers: session:compact:before creates summaries and appends a recent_messages JSON block; session:start loads summaries and that recent block. No unrelated credentials, binaries, or outside services are requested.
Instruction Scope
Handlers only read/write files under workspace/memory and access the hook context (messages, session, config). This matches SKILL.md. Note: the skill intentionally persists the last N raw message turns verbatim to disk (default 10), which is expected for exact resumption but expands the attack surface for sensitive data leakage.
Install Mechanism
No install spec (instruction-only skill). Handlers are plain JS executed by OpenClaw; nothing downloads arbitrary code or external archives. Minor documentation inconsistency: SKILL.md/README suggest different git clone URLs (thomasmarcel vs animo66), which is a provenance/documentation mismatch but not an installation-time code-install risk in itself.
Credentials
The skill requests no environment variables, no credentials, and no config paths beyond the workspace. It does reference a platform global agent (global.__OPENCLAW_AGENT__) to call agent.generateSummary(), which is reasonable for summarization and falls back to a local summarizer if not present.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges. However it intentionally persists verbatim conversation chunks to the workspace/memory directory (plaintext JSON in daily .md files). That persistence is core functionality but is a material privacy/retention concern and should be considered a privileged data storage behavior.
Assessment
This skill appears to do what it says (load summaries and the last N raw messages), but it stores the last 10 verbatim turns in workspace/memory as plaintext — that can include secrets or PII. Before installing: (1) decide whether storing verbatim messages on disk is acceptable for your environment; (2) consider reducing MAX_RECENT_MESSAGES or MAX_CONTENT_PER_MSG, or adding encryption/access controls to the memory/ directory; (3) verify which GitHub repo you should trust (docs reference more than one URL) and review source history; (4) test in an isolated workspace first to confirm no unexpected network activity and to see how long sensitive data persists; (5) if you need stricter guarantees, ask the maintainer to add optional encryption, retention policies, or replace verbatim storage with redaction.
Like a lobster shell, security has layers — review code before you run it.
