Self-Evolving Five-Layer Memory System

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill is a coherent memory framework, but it asks the agent to persist sensitive profile/config data and automatically evolve its own instruction files without clear user controls.

Review this carefully before installing. Use it only if you want a persistent local memory system, disable or manually gate automatic heartbeat/consolidation behavior, do not store secrets such as API keys, and require approval before it updates AGENTS.md, SOUL.md, or other instruction files.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private profile details, contacts, conversation-derived preferences, or secret-related configuration could be stored and reused in future tasks.

Why it was flagged

The skill directs automatic extraction into persistent memory and explicitly lists sensitive identity/contact data and API-key-related environment facts as KG content, without clear redaction, retention, or user-approval controls.

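Skill content

On every heartbeat: 1. Proactively extract conversation memory → write to MemPalace KG ... Recommended KG entity categories: user identity (form of address, OpenID, contact details) ... environment state (components, API Keys)

Recommendation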

Only store explicitly approved memory, avoid storing API keys or secrets, add retention/redaction rules, and require user confirmation before writing sensitive entries.

What this means

Mistaken or manipulated memory could become a standing rule that changes how the agent behaves later.

Why it was flagged

Repeated error records can be promoted into persistent instruction files that govern the agent, so a bad classification or poisoned memory item could affect future sessions and decisions.

Skill content

Evolution mechanism: 3 errors of the same kind in the growth box → promoted to a rule → written to AGENTS.md / SOUL.md

Recommendation

Require explicit human review and a visible diff before modifying AGENTS.md, SOUL.md, or other instruction-bearing files; keep changes reversible.

What this means

If a user later supplies or obtains the missing script, it could scan and mutate workspace memory files without the behavior being reviewed as part of this skill.

Why it was flagged

The artifacts reference and recommend automatic execution of a consolidation script, but the provided skill package is instruction-only and does not include that script for review.

Skill content

python3 scripts/mempalace_consolidation.py ... It is recommended to configure this in HEARTBEAT.md to run automatically on every heartbeat.

Recommendation

Do not configure automatic execution until the script source is present, reviewed, pinned to a trusted source, and restricted to approved paths.