ClawHub

OpenClaw Memory Qdrant

v1.0.10

Local semantic memory with Qdrant and Transformers.js. Store, search, and recall conversation context using vector embeddings (fully local, no API keys).

12· 6k·50 current·52 all-time
byzuiho@zuiho-kai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code and metadata. Required binaries (node, npm), dependencies (@xenova/transformers, @qdrant/js-client-rest) and config options (qdrantUrl, autoCapture, maxMemorySize) are directly relevant to providing local embeddings and optional Qdrant storage. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md and the code focus on storing/searching memories, embedding text, and optional auto-capture. The docs explicitly disclose first-run model download (~25MB from Hugging Face) and native build requirements. The autoCapture feature can capture PII (emails/phone-like strings) and is documented as opt-in (default false) — this is a privacy risk if enabled but is stated. No instructions direct the agent to read unrelated secrets or system files.
Install Mechanism
There is no platform install spec in the registry (instruction-only), but package.json/package-lock and code files are included. Dependencies are pulled from npm (no suspicious external download URLs). The dependency tree includes native/optional native modules (sharp, onnxruntime, onnxruntime-web, undici) which may require build tools and increase installation friction. Model files are downloaded from Hugging Face at runtime (declared).
Credentials
The skill requests no environment variables or credentials. The only external connector is an optional qdrantUrl config — supplying a Qdrant server is expected for external storage. No unrelated SECRET/TOKEN env vars are requested. The plugin's documentation warns to only point qdrantUrl at trusted servers.
Persistence & Privilege
always is false and disable-model-invocation is false (normal). The plugin registers itself and may use lifecycle hooks for autoCapture/autoRecall, which is expected for a memory plugin. autoCapture is disabled by default. The skill does not request permanent system-wide privileges or modify other skills' configs.
Assessment
This plugin is internally consistent with its stated purpose, but consider the following before installing: - Test in an isolated environment first (it downloads a ~25MB model at first run and has native deps like sharp/onnxruntime that may need build tools). - Keep autoCapture disabled unless you trust the environment — enabling it can capture emails/phone-like strings and other PII. - If you configure qdrantUrl, only use a trusted Qdrant instance (data will be sent to that server). - Pin/install with npm ci or vendor dependencies for production to avoid unexpected upstream changes. - Review and monitor memory size settings (setting maxMemorySize to 999999 disables LRU deletion and can exhaust RAM in in-memory mode).

Like a lobster shell, security has layers — review code before you run it.

latestvk972jm9pce63x9qpb8xwbv6jg9818qyh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsnode, npm

Comments