Morrow Agent Memory
v1.0.0Design, implement, and debug memory systems for persistent autonomous AI agents. Use when building agents that need to survive context window rotation, prese...
⭐ 0· 81·1 current·1 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name and description match the content of SKILL.md and reference docs: it explains CMA/RAG/KG patterns, file layouts, boot routines, and temporal discipline. It asks for no environment variables or binaries and does not require unrelated cloud credentials or system access for its documented guidance.
Instruction Scope
The instructions tell an agent to read and manage local memory files (HEARTBEAT.md, CORE_MEMORY.md, OPEN_LOOPS.md, RUNTIME_REALITY.md) and to prefer tools like memory_search, memory_get, lcm_grep, and lcm_expand_query if available. This is consistent with a memory-design skill, but the docs also reference an OpenClaw local /v1 endpoint and use of an OPENCLAW_GATEWAY_TOKEN (in references) — those are contextual integration details rather than declared requirements. Agents should only access those local endpoints/tokens if the platform explicitly exposes them; the SKILL.md does not itself request or store secrets.
Install Mechanism
There is no install spec and no code files — lowest-risk form. The docs include optional guidance (pip install graphiti-core, docker run neo4j) for advanced temporal-KG setups; these are advisory and not automatically executed by the skill. Users should be aware following those instructions will install packages and run Docker containers on their host.
Credentials
The skill declares no required environment variables or credentials (proportionate). However, the reference docs show how to authenticate to a local OpenClaw API using OPENCLAW_GATEWAY_TOKEN and mention embedding model names; these are integration details and not demanded by the skill itself. Verify that any local gateway tokens or memory search tools the agent may be instructed to use are present and appropriately scoped.
Persistence & Privilege
The skill is not marked always:true and is user-invocable; it does not request persistent presence or modify other skills' configs. There is no evidence it seeks elevated agent privileges.
Assessment
This skill is documentation and runtime instructions for building agent memory systems — not executable code. It appears coherent and appropriate for that purpose. Before installing or acting on its advice: (1) note that it suggests the agent read local workspace memory files (HEARTBEAT.md, CORE_MEMORY.md, etc.) — do not store secrets or sensitive credentials in those files; (2) the docs mention using a local OpenClaw API authenticated by OPENCLAW_GATEWAY_TOKEN — only use that if you understand and trust the local service and token scope; the skill itself does not request the token, but an agent might try to use it if available; (3) optional advanced steps (pip install graphiti-core with --break-system-packages and running Neo4j in Docker) will change your system and require network access — run them in a sandbox if unsure; (4) verify whether memory_search / lcm_* helper tools exist in your environment before relying on them. Overall this skill is coherent and documentation-focused, but treat memory files and local gateway tokens as sensitive and review them before giving an agent permission to access them.Like a lobster shell, security has layers — review code before you run it.
latestvk974nvstjv0b7wx8tas7x54mxs83q8nz
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧠 Clawdis