Memory Manager
AdvisoryAudited by VirusTotal on Apr 18, 2026.
Overview
Type: OpenClaw Skill Name: wcwudi-memory-manager Version: 1.0.0 The 'wcwudi-memory-manager' skill is a legitimate utility designed for managing OpenClaw agent memory files, providing features for archiving, status monitoring, and controlled memory sharing between agents. The bundle includes extensive documentation (SKILL.md, README.md, ARCHITECTURE.md) and configuration (default.json) that prioritize security through manual user confirmation, detailed operation logging in JSON format, and the use of a 'temp/to_delete' staging area to prevent accidental data loss. No evidence of malicious intent, data exfiltration, or unauthorized system access was found, and the provided PowerShell script descriptions are strictly aligned with the stated purpose of workspace file management.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user obtains or runs similarly named scripts from elsewhere, those scripts would not have been reviewed here.
The package summary describes PowerShell scripts as included and tested, but the supplied manifest contains only documentation/config files and no scripts, so the referenced helper behavior cannot be audited from this package.
scripts/ ... memory_check.ps1 ... agent_check.ps1 ... simple_logger.ps1 ... archive_tool.ps1
Only run helper scripts that are actually included from a trusted source and inspected first; the maintainer should publish a complete package or update the docs.
Incorrect, sensitive, or untrusted content placed in memory could be reused later by the agent or shared with other agents.
The skill is designed to maintain long-term memory containing preferences, knowledge, and decisions, which can influence future agent behavior.
long-term/ # 长期记忆 ... preferences/ # 用户偏好 ... knowledge/ # 知识库 ... decisions/ # 重要决策
Keep secrets out of shared memory, periodically review stored memories, and clearly separate trusted long-term notes from temporary or unverified content.
Memory can cross agent boundaries, so another agent’s stale or untrusted files may affect the main agent’s context.
The default configuration maps a separate agent memory path for inter-agent memory sharing.
"writing-assistant": { "path": "D:\\writing-bot\\workspace\\memory", "access_level": "read_only", "enabled": true }Keep sub-agent access read-only unless needed, verify any writable sharing path, and review shared files before promoting them into long-term memory.
A wrong path or unreviewed cleanup command could delete files the user intended to keep.
The quick-start documentation includes a manual cleanup command that recursively deletes files under the configured temp directory.
Get-ChildItem $tempDir -Recurse -File | Where-Object { $_.LastWriteTime -lt (Get-Date).AddDays(-7) } | Remove-Item -ForceList files before deleting, confirm the temp path, and avoid running cleanup/archive commands automatically without user approval.