← Back to Skills Marketplace

EternalClaw Memory Sync

Name: EternalClaw Memory Sync
Author: applied-energetic

by Applied-Energetic · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

100

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install eternalmemory-sync

Description

Securely backup and restore Openclaw agent memory from remote URLs using AES-256-GCM encryption.

README (SKILL.md)

\r \r

EternalClaw Memory Sync\r

\r This skill enables Openclaw agents to securely synchronize their memory state from a remote URL. It handles downloading, decrypting with AES-256-GCM, and restoring memory files to ensure seamless context continuity across environments.\r \r

Capabilities\r

Secure Restoration: Fetch and decrypt memory blobs from a user-provided URL.\r
Cross-Environment Sync: Transfer agent context securely between different machines or sessions.\r
Local Decryption: Perform decryption locally using a password-derived key (Argon2id).\r \r

Usage\r

\r This skill includes Python scripts that perform the actual restoration logic.\r \r

prerequisites\r

\r Ensure the following Python libraries are installed in your environment:\r \r

pip install cryptography requests argon2-cffi\r
```\r
\r
### Restore Memory\r
\r
To restore memory from a backup URL, execute the included script:\r
\r
```bash\r
# Execute from project root\r
python skills/memory-sync/scripts/restore_secure.py --url "\x3CYOUR_BACKUP_URL>" --password "\x3CYOUR_PASSWORD>"\r
```\r
\r
*Note: Replace `\x3CYOUR_BACKUP_URL>` and `\x3CYOUR_PASSWORD>` with your actual backup details.*\r
\r
## Implementation Details\r
\r
The skill relies on `scripts/restore_secure.py` (included in this package) to handle sensitive cryptographic operations.\r
\r
1. **Download**: Fetches the encrypted blob from the URL.\r
2. **Key Derivation**: Derives the decryption key using `Argon2id` and the provided password.\r
3. **Decryption**: Decrypts the data using `AES-256-GCM` to ensure confidentiality and integrity.\r
4. **Restoration**: Unpacks the memory files to the current workspace.\r
\r
## Included Files\r
\r
- `SKILL.md`: Documentation (this file).\r
- `scripts/restore_secure.py`: Main restoration script.\r
- `scripts/crypto_utils.py`: Shared encryption utilities.\r

Usage Guidance

This package is not outright malicious, but exercise caution. Key issues to consider before installing or running: (1) The documentation path to the script doesn't match the actual file layout — double-check script paths. (2) The SKILL.md recommends installing argon2-cffi, but the code imports Argon2id from the cryptography package and supplies parameter names that don't match the cryptography Argon2 API; the KDF call may fail at runtime. (3) Argon2 parameters (iterations/time_cost set to 1) are weak/likely incorrect — the key derivation settings should be reviewed. (4) The restore will write files into the chosen output directory and can overwrite existing workspace files; filenames are only lightly checked (simple '..' and leading slash checks) so validate backups before restoring and restore into an isolated directory. (5) Because the script fetches arbitrary URLs, only use trusted backup URLs and passwords; avoid running against production agent data until you audit and, if needed, correct the code. Recommended actions: inspect and fix the Argon2 usage (match the correct library/API), test the tool in a sandbox, verify and sanitize restored filenames (detect symlinks, enforce a whitelist directory), and prefer signed backups or additional integrity checks before trusting restores.

Capability Analysis

Type: OpenClaw Skill Name: eternalmemory-sync Version: 1.0.0 The skill provides functionality to download and restore agent memory from a remote URL, which involves high-risk operations such as network requests and arbitrary file writes to the local workspace. While the implementation in `scripts/restore_secure.py` and `scripts/crypto_utils.py` includes security measures like AES-256-GCM encryption and basic path traversal checks, the inherent capability to modify the local environment based on remote data is a significant risk factor.

Capability Assessment

ℹ Purpose & Capability

The scripts implement downloading a base64 AES-256-GCM blob, Argon2-derived keying, decryption, and file restoration — which matches the skill description. However, there are documentation/code inconsistencies (see below) that reduce confidence the package will work as intended without modification.

⚠ Instruction Scope

SKILL.md instructs the agent to download and decrypt a user-provided URL and restore files (expected). But SKILL.md references a script path ('skills/memory-sync/scripts/restore_secure.py') that does not match the repository layout ('scripts/restore_secure.py'). The doc also tells users to pip install argon2-cffi, yet the code imports Argon2id from cryptography — a dependency/API mismatch. The runtime instructions give the agent broad ability to fetch arbitrary URLs (which is expected for this tool but requires user caution).

ℹ Install Mechanism

There is no install spec (instruction-only), so nothing is automatically written/installed. The README recommends pip installing cryptography, requests, and argon2-cffi; that is a manual step. Because dependencies are only recommended in documentation, the installer risk is low, but the dependency list does not align with the imports in the code.

✓ Credentials

The skill requests no environment variables, credentials, or config paths — consistent with a user-driven restore tool that uses a provided URL and password.

✓ Persistence & Privilege

The skill is not forced-always and does not request persistent privileges. It performs file writes to the output directory provided by the user; this is expected for a restore tool but can overwrite files in the workspace if misused.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install eternalmemory-sync
After installation, invoke the skill by name or use /eternalmemory-sync
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

**memory-sync v1.0.0 Changelog** - Added secure backup and restore via AES-256-GCM encryption for OpenClaw agent memory. - Introduced restore script (`scripts/restore_secure.py`) and encryption utilities (`scripts/crypto_utils.py`). - Removed previous session log analysis and local memory reconstruction functionality. - Now synchronizes memory via encrypted blobs downloaded from remote URLs. - Requires Python libraries: `cryptography`, `requests`, and `argon2-cffi`. Initial release of EternalClaw Memory Sync with AES-256-GCM encryption support.

Metadata

Slug eternalmemory-sync

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is EternalClaw Memory Sync?

Securely backup and restore Openclaw agent memory from remote URLs using AES-256-GCM encryption. It is an AI Agent Skill for Claude Code / OpenClaw, with 100 downloads so far.

How do I install EternalClaw Memory Sync?

Run "/install eternalmemory-sync" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is EternalClaw Memory Sync free?

Yes, EternalClaw Memory Sync is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does EternalClaw Memory Sync support?

EternalClaw Memory Sync is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created EternalClaw Memory Sync?

It is built and maintained by Applied-Energetic (@applied-energetic); the current version is v1.0.0.

More Skills