ClawHub

Memstate AI

v1.2.4

Versioned, structured memory for AI agents. Every fact is tracked, every change is logged, and your agent always gets the current answer — not a pile of outd...

0· 95·0 current·0 all-time
byJason@yepthatsjason
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binary (python3), and the single required env var (MEMSTATE_API_KEY) match the included scripts that call https://api.memstate.ai. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to run the bundled Python scripts to search, get, set, ingest, view history, and soft-delete memories. The instructions reference only the included scripts, project/keypath parameters, and the MEMSTATE_API_KEY; they do not direct the agent to read unrelated files or exfiltrate data to unexpected endpoints.
Install Mechanism
No install spec or external downloads are present; this is instruction-only with included Python scripts. Nothing in the manifest downloads or writes third-party code during install.
Credentials
Only MEMSTATE_API_KEY is required and is used exclusively as an X-API-Key header to api.memstate.ai. This is proportionate for a remote API client, but be aware the key will be sent to a third-party service and grants whatever privileges the key provides.
Persistence & Privilege
always is false (no forced global presence). The skill can be invoked autonomously by the agent (default behavior) — normal for skills — which means an agent could call the remote API using your MEMSTATE_API_KEY without further prompts if allowed by your agent configuration.
Assessment
This skill is a straightforward Python client for the Memstate API and only needs MEMSTATE_API_KEY and python3. Before installing: 1) Ensure you trust memstate.ai because your API key and any memories will be sent to api.memstate.ai. 2) Use a least-privilege API key (not a broadly privileged or reused secret) so compromised keys are limited. 3) Remember the agent may call the scripts autonomously — review agent invocation settings if you want to require manual approval. 4) You can inspect the included Python scripts (they are plain and readable) to confirm no additional behavior. Revoke/rotate the key if you stop using the skill or suspect misuse.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bfnm91zyx0armys3dgk6he183jgzy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3
EnvMEMSTATE_API_KEY
Primary envMEMSTATE_API_KEY

Comments