Smart Memory Plus
v1.4.0Complete memory system for OpenClaw agents. Combines enhanced memory management (WAL protocol, type classification, temporal decay, session cache) with conte...
⭐ 0· 87·0 current·0 all-time
by@zgjq
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (memory management, WAL, compaction, decay, search/graph) match the included scripts and references. No unrelated binaries or cloud credentials are requested; optional env vars only control the local workspace/session id. Files operate on MEMORY.md and workspace/memory/ which is appropriate for the stated purpose.
Instruction Scope
SKILL.md and the scripts limit all writes to the declared workspace and require the agent to use the provided scripts (WAL, compaction, extract, decay, graph) rather than doing direct file writes. The enforcement is procedural: scripts perform path checks and sanitization, but the agent platform could still bypass these scripts by writing files directly if allowed. Also note the memory_graph tool exposes a raw query mode (user-supplied WHERE clause / SQL fragment) which is consistent with a graph tool but should be used carefully as it can read memory contents.
Install Mechanism
No install spec — the skill is instruction-only with included scripts. No downloads or installs from external URLs; all code is present in the package. This is low risk from an install-mechanism perspective.
Credentials
No required credentials or sensitive environment variables are declared. The only env vars are optional workspace/session configuration (OPENCLAW_WORKSPACE, OPENCLAW_SESSION_ID), which are proportionate to the task. Scripts explicitly redact or reject common API key and private-key patterns.
Persistence & Privilege
The skill does not request always: true or other elevated platform privileges. It writes only to files under the declared workspace and /tmp session cache as documented. Scripts create/modify files in the workspace — expected for a memory system — and include logic to avoid overwrites and limit compacts to the last 30.
Assessment
This package appears coherent and implements a local-only memory system. Before installing, consider: 1) Review and test scripts with the workspace pointed to a disposable directory (set OPENCLAW_WORKSPACE to a temp folder) to confirm behavior and outputs. 2) Keep a backup of any existing ~/.openclaw/workspace because the skill warns it conflicts with other memory skills (it will move/archive files). 3) The SKILL.md enforces that the agent must use the provided scripts for writes — this is a policy the skill expects, but the platform or agent could bypass it and write files directly, so only grant file-write capability if you trust the agent or run it sandboxed. 4) Use dry-run options (many scripts have --dry-run or list/status commands) to inspect what would be changed before allowing destructive operations. 5) Be cautious with the graph tool's raw-query mode: treat it as read-only tooling for inspection and avoid running untrusted SQL fragments against your workspace. If you want higher assurance, run the scripts manually in an isolated environment first.Like a lobster shell, security has layers — review code before you run it.
compressionvk9711cg34253q7dmg7psc043vh841nhrgraphvk9711cg34253q7dmg7psc043vh841nhrlatestvk978b2ft6yc4cbg6648emj8bdn841d98memoryvk9711cg34253q7dmg7psc043vh841nhrsearchvk9711cg34253q7dmg7psc043vh841nhrzero-depvk9711cg34253q7dmg7psc043vh841nhr
License
MIT-0
Free to use, modify, and redistribute. No attribution required.