OpenClaw Memory Fusion
PassAudited by ClawScan on May 10, 2026.
Overview
The skill is purpose-aligned for managing OpenClaw memory, but users should notice that it can persist, reorganize, and index workspace memory files when explicitly applied.
This appears safe to use for its stated purpose if you want a persistent OpenClaw memory-management system. Treat --apply commands as real changes to your OpenClaw workspace, review dry-run output first, and be mindful that auto-capture and semantic sync can make existing memory notes more durable and easier for future agents to reuse.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If applied, the skill can change memory configuration and reorganize memory files in the OpenClaw workspace.
The skill documents local commands that can mutate OpenClaw memory configuration and workspace files. This is central to the stated purpose and is gated by explicit --apply examples rather than hidden automatic execution.
Apply installation and configure memory search: ```bash python3 ~/.agents/skills/openclaw-memory-fusion/scripts/openclaw_memory_fusion.py install --apply --provider local ```
Run doctor and dry-run commands first, review the planned changes, and rely on the documented rollback if the result is not what you intended.
Information captured into these files may influence later OpenClaw behavior and may preserve sensitive project details if those details are present in the source memory.
The skill intentionally creates persistent event memory and semantic retrieval files that may be reused in future agent context.
- event memory: `memory_fusion/events/*.jsonl` - semantic retrieval layer: `memory_fusion/semantic/*.md`
Only apply auto-capture or semantic sync after reviewing what will be captured, and periodically inspect or prune memory_fusion files if they include sensitive or outdated information.
Past notes may become easier for the agent to retrieve and reuse, including notes that were informal, stale, or sensitive.
Auto-capture can transform existing working memory and ops notes into structured events. This is disclosed and purpose-aligned, but it can make prior notes more durable and retrievable.
`auto-capture` extracts structured events from recent `memory/YYYY-MM-DD.md` and ops notes
Use the dry-run default first, review proposed captured events, and avoid applying auto-capture to memory that contains secrets or private material you do not want reused.
There is less reviewer certainty about the complete local script than there would be with full visible source.
The provided artifact dump contains only a truncated view of the runnable Python script. The visible code and static scan do not show suspicious behavior, but the manual review cannot fully inspect the entire script from the supplied text.
"content": "#!/usr/bin/env python3\nimport argparse...\n \n...[truncated]", "truncated": true
Before using --apply commands, inspect the installed script locally or obtain the full source from a trusted source.