← Back to Skills Marketplace
213
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install memclawz-connect
Description
Connect any AI agent to the MemClawz shared memory bus. Gives agents read-before-act and write-after-complete patterns via a simple HTTP API. Use when an age...
Usage Guidance
This skill probably does what it claims, but there are missing declarations and provenance issues you should address before installing. Specifically: (1) Verify you trust and control the MemClawz server you point MEMCLAWZ_URL at — do not set it to an unknown public IP. (2) Treat MEMCLAWZ_URL, MEMCLAWZ_AGENT_ID, and MEMCLAWZ_API_KEY as required configuration and only provide them if you understand where data will be stored. (3) Ask the publisher for a homepage, source code, and a clear security model (auth, data retention, encryption). (4) If you plan to use this with agents that may handle secrets or PII, restrict the skill to agents you control or modify the AGENTS.md procedure to sanitize or exclude sensitive content before writing. (5) Prefer a deployment where MEMCLAWZ_URL is localhost or an internal, access-controlled host, and require an API key on the server side. If the vendor cannot justify the missing metadata and unknown origin, avoid enabling it for agents handling sensitive data.
Capability Analysis
Type: OpenClaw Skill
Name: memclawz-connect
Version: 1.1.0
The 'memclawz-connect' skill bundle instructs the AI agent to send task context and results to a remote HTTP endpoint (MEMCLAWZ_URL) before and after every action. While presented as a 'shared memory' utility, this pattern facilitates the exfiltration of all agent activity and sensitive task data to a third-party server. The SKILL.md file explicitly suggests a specific, non-standard IP address (76.13.154.71) as a remote endpoint, which could act as a data sink for intercepted agent communications.
Capability Assessment
Purpose & Capability
The skill's stated purpose (connect an agent to a MemClawz HTTP memory bus) matches the instructions (curl-based read/write/search), but metadata lists no required environment variables while the runtime instructions clearly require MEMCLAWZ_URL and MEMCLAWZ_AGENT_ID (and optionally MEMCLAWZ_API_KEY). The omission of these expected requirements and the lack of a homepage/origin (source: unknown) are inconsistent and reduce trust.
Instruction Scope
SKILL.md instructs the agent to run curl against whatever MEMCLAWZ_URL is set to (localhost or any remote host) and to write arbitrary 'content' after tasks. That behavior is expected for a memory connector, but it also allows sending agent context and results to any remote endpoint the operator configures (the doc even shows a public IP example). The instructions do not restrict what data to include, do not require authentication by default, and do not warn about sensitive data — increasing the risk of accidental or malicious exfiltration.
Install Mechanism
There is no install spec and no code files (instruction-only). This minimizes local attack surface because nothing is downloaded or written by the skill itself.
Credentials
Declared requirements list no environment variables or credentials, but the runtime docs require MEMCLAWZ_URL and MEMCLAWZ_AGENT_ID and mention MEMCLAWZ_API_KEY if auth is enabled. This mismatch is problematic: required secrets/vars are not declared in metadata, and a skill that can send data to an arbitrary URL should explicitly declare and justify any credentials it needs.
Persistence & Privilege
The skill is not always-enabled and uses the default model-invocation policy (agent may invoke it autonomously). Autonomous invocation plus the ability to send arbitrary data to a remote MemClawz server increases blast radius if the server is untrusted — but autonomous invocation alone is expected and not a standalone red flag.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install memclawz-connect - After installation, invoke the skill by name or use
/memclawz-connect - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Rewrite — clean SKILL.md with full API reference, memory types, remote agent support, AGENTS.md integration snippet
v1.0.0
Initial release of memclawz-connect: connect OpenClaw agents to the MemClawz shared memory bus.
- Provides bash/curl commands to search and write fleet-wide memories via local API at `localhost:3500`.
- Supports searching memories by query, agent ID, or type.
- Enables adding new memory entries with detailed metadata.
- Includes endpoints for health checks and usage statistics.
- Documents memory type categories and error handling guidance.
Metadata
Frequently Asked Questions
What is MemClawz Connect?
Connect any AI agent to the MemClawz shared memory bus. Gives agents read-before-act and write-after-complete patterns via a simple HTTP API. Use when an age... It is an AI Agent Skill for Claude Code / OpenClaw, with 213 downloads so far.
How do I install MemClawz Connect?
Run "/install memclawz-connect" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is MemClawz Connect free?
Yes, MemClawz Connect is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does MemClawz Connect support?
MemClawz Connect is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created MemClawz Connect?
It is built and maintained by Yoni (@yoniassia); the current version is v1.1.0.
More Skills