← Back to Skills Marketplace

Memory Tree

Name: Memory Tree
Author: masongmx

by Masongmx · GitHub ↗ · v2.0.1 · MIT-0

cross-platform ⚠ suspicious

236

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install memory-tree

Description

🌳 记忆树 — 周报自动生成，永久记忆标记，关键词搜索。说句话就能用。

Usage Guidance

This skill appears to implement the advertised local weekly-report/search/mark features, but the documentation and security note contain inconsistencies about cloud fallbacks and automatic cron installation. Before installing: 1) Inspect scripts/memory_tree.py yourself (it is included) to confirm there are no network calls or reference to cloud API keys in the shipped version. 2) Check your environment for OPENAI/ZHIPU (or other cloud) API keys if you require strictly local operation — remove/unset them or run the script in an isolated environment. 3) If you don't want persistent scheduling, do not run the 'setup' command (or inspect the exact crontab entries the setup would create). 4) Backup ~/.openclaw/workspace and review openclaw.json (the skill will read it to detect channels). 5) If anything in the README/SECURITY.md doesn't match the actual code you see, treat that as a red flag and ask the author to clarify.

Capability Analysis

Type: OpenClaw Skill Name: memory-tree Version: 2.0.1 The skill is classified as suspicious due to significant discrepancies between the documentation and the actual code, as well as its access to sensitive configuration files. While the script (scripts/memory_tree.py) claims to be a simplified v2.0, the README.md and SECURITY.md describe high-risk features like automated cron job persistence and cloud API fallbacks (OpenAI/Zhipu) that are not present in the provided source. Most notably, the script reads the user's primary 'openclaw.json' configuration file to extract communication channel IDs (e.g., Feishu chat_ids), which is a high-privilege action that could be leveraged for unauthorized data exposure.

Capability Assessment

ℹ Purpose & Capability

Name/description (weekly reports, search, permanent mark) match the shipped Python script which reads ~/.openclaw/workspace/MEMORY.md, builds reports, and writes under ~/.openclaw/workspace/memory-tree/data. However docs/README/SECURITY.md mention semantic backends (Ollama / cloud fallbacks) and 'zero-config' automatic behavior while the v2.0 script header states Ollama/cloud embedding was removed. This mismatch between docs and code is confusing and unexpected.

⚠ Instruction Scope

SKILL.md instructs running the included script for weekly/search/mark. The code reads and writes files under the user's OpenClaw workspace (~/.openclaw/... ) and reads openclaw.json to detect 'enabled channels' — behavior that is coherent for pushing reports to configured channels but expands scope beyond just local indexing/search. SECURITY.md states a 'setup' command will create cron jobs for daily/weekly tasks; that means the skill can persist scheduled actions on the user's account if the user runs setup. The SKILL.md itself does not make the cron/setup step explicit, which is scope-creep and a usability/safety concern.

✓ Install Mechanism

This is an instruction-only skill with a single Python script and no install spec — nothing is downloaded or installed automatically by the skill bundle itself. That lowers install-time risk.

ℹ Credentials

The skill declares no required env vars or credentials. SECURITY.md (included) warns older versions or configurations may send content to cloud embedding APIs if ZHIPU_API_KEY or OPENAI_API_KEY are present. The current v2.0 script text shown does not reference cloud API keys, but the documentation's mixed messages mean a user should verify the exact code version and ensure no unintended cloud keys are present if they require strict locality.

⚠ Persistence & Privilege

The package can create user-level cron jobs (per SECURITY.md) when the 'setup' command is invoked; that grants persistent scheduled execution. While user-level cron is not a system-wide escalation, it is a non-trivial persistent presence and should only be enabled after reviewing the exact setup steps and crontab entries. The skill also reads/writes files under the user's workspace and openclaw.json, which is expected but noteworthy.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install memory-tree
After installation, invoke the skill by name or use /memory-tree
Provide required inputs per the skill's parameter spec and get structured output

Version History

v2.0.1

精简项目介绍，优化可读性

v2.0.0

v2.0: 周报生成、永久记忆标记、关键词搜索；删除无效的decay和embedding依赖

v0.2.0

Multi-backend search (Ollama/Zhipu/OpenAI/Keyword), auto-detect, zero dependencies, one-command setup

Metadata

Slug memory-tree

Version 2.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 3

Frequently Asked Questions

What is Memory Tree?

🌳 记忆树 — 周报自动生成，永久记忆标记，关键词搜索。说句话就能用。 It is an AI Agent Skill for Claude Code / OpenClaw, with 236 downloads so far.

How do I install Memory Tree?

Run "/install memory-tree" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Memory Tree free?

Yes, Memory Tree is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Memory Tree support?

Memory Tree is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Memory Tree?

It is built and maintained by Masongmx (@masongmx); the current version is v2.0.1.

More Skills