Claw Memory Lite
PassAudited by ClawScan on May 10, 2026.
Overview
The skill is a local SQLite-based memory helper with expected persistence, but users should notice that it stores extracted agent-memory facts and includes extra meta-learning scripts beyond the short SKILL description.
This appears to be a local-only memory skill rather than malware. Before installing, decide whether you want daily extraction into ~/.openclaw/database/insight.db, avoid placing API keys or passwords in memory markdown files, and review the extra meta-learning scripts if you plan to use trust scoring or guardrail summaries.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Information written in daily memory files can become persistent agent context and may be reused in later sessions.
The skill extracts facts from local memory markdown files and stores them persistently in a SQLite database for later retrieval.
MEMORY_DIR = WORKSPACE / "memory" ... save_to_db(category=result["l1_category"], content=fact, keywords=result["keywords"], source_file=file_path.name)
Do not store secrets or untrusted instructions in memory files; periodically review or delete the SQLite database if needed.
If enabled, the agent will keep updating its local long-term memory on a schedule.
The skill documents an optional recurring heartbeat task that continues extracting memory after setup.
To enable automatic daily extraction, add the following to your `HEARTBEAT.md`: `python ~/.openclaw/extensions/claw-memory-lite/scripts/extract_memory.py`
Enable the heartbeat entry only if you want ongoing extraction, and remove it to stop recurring updates.
If used, local regression notes could affect future agent routing decisions, so inaccurate or manipulated notes could bias behavior.
The repository includes a persistent trust scoring script that can steer future tool/model choices based on parsed regression notes.
Scores persist in insight.db and guide automated decisions: - X.com links → always use grok42 ... - web_fetch → low trust, used only as last resort
Treat generated trust scores and guardrails as advisory, review REGRESSIONS.md before relying on them, and avoid letting untrusted content write to those files.