Morrow Agent Memory
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill is coherent for building persistent agent memory, but users should configure its optional persistence, package setup, and token-based integrations carefully.
This appears suitable if you want guidance on persistent agent memory. Before using it, decide where memory files may be stored, avoid writing secrets into long-lived memory, review memory contents regularly, protect any OpenClaw gateway token, and run optional Graphiti/Neo4j setup in an isolated environment with pinned versions where possible.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Information written into memory may affect future agent behavior across sessions.
The skill explicitly recommends writing durable memory that will be reused across sessions; this is expected for the purpose, but persistent memory can preserve stale, sensitive, or poisoned facts if not reviewed.
"Write before you forget. Externalize important facts immediately, not at the end of a session."
Store only appropriate facts, avoid secrets unless necessary, timestamp entries, and periodically review or prune persistent memory files.
Installing unpinned packages can change the local Python environment and may pull newer dependency versions than expected.
The optional Graphiti setup uses an unpinned package install and the `--break-system-packages` flag. This is user-directed and purpose-aligned, but it carries normal package provenance and environment-safety considerations.
`pip install graphiti-core --user --break-system-packages`
Use a virtual environment or container, pin package versions where possible, and review Graphiti/Neo4j installation steps before running them.
Anyone with the token may be able to access the local OpenClaw gateway according to that token’s permissions.
The reference describes using a bearer token for the local OpenClaw API. This is expected for an OpenClaw integration, but gateway tokens are sensitive credentials.
Auth: `Authorization: Bearer $OPENCLAW_GATEWAY_TOKEN`
Keep the gateway token out of memory files, logs, and shared documents; scope and rotate it according to OpenClaw guidance.
