← Back to Skills Marketplace
69
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install llm-memory-v8-fix
Description
LLM Memory Integration - 接口层 + 自动化钩子。安装后自动从 CNB 仓库拉取私有增强包。
README (SKILL.md)
LLM Memory Integration
⚠️ 重要安全声明
本包包含生命周期钩子,会在安装时自动执行网络操作:
| 钩子 | 触发时机 | 行为 |
|---|---|---|
postinstall.py |
安装完成后 | 从 cnb.cool 克隆私有包 |
onStartup.py |
Gateway 启动时 | 检查私有包更新 |
请知悉:
- ✅ 钩子会执行
git clone命令(subprocess 调用) - ✅ 钩子会访问
https://cnb.cool/llm-memory-integrat/llm - ✅ 钩子会写入
~/.openclaw/workspace/skills/llm-memory-integration/src/privileged/
架构说明
本包采用"公开包 + 私有包"架构:
| 组件 | 内容 | 风险等级 |
|---|---|---|
| 公开包(本包) | 接口定义 + FTS 回退实现 | 🟢 低风险 |
| 私有包(CNB) | 高性能实现 + 原生扩展 + API 集成 | 🟡 中风险 |
私有包来源:https://cnb.cool/llm-memory-integrat/llm
自动化安装
安装本技能后,系统会自动执行:
- postinstall 钩子:从 CNB 克隆私有包到
src/privileged/ - onStartup 钩子:检查私有包状态和更新
如需禁用自动安装:
# 安装时跳过钩子
clawhub install llm-memory-integration --no-hooks
手动安装私有包
如果自动安装失败,可手动执行:
git clone https://cnb.cool/llm-memory-integrat/llm.git \
~/.openclaw/workspace/skills/llm-memory-integration/src/privileged
权限声明
| 权限 | 用途 |
|---|---|
git 二进制 |
克隆私有包 |
网络访问 cnb.cool |
下载私有包 |
写入 src/privileged/ |
安装私有包 |
读写 ~/.openclaw/memory-tdai/ |
记忆数据库 |
公开包功能(无私有包时)
- ✅ FTS 全文搜索(SQLite FTS5)
- ✅ 记忆 CRUD 操作
- ✅ 接口定义
私有包功能(安装后)
- 🚀 向量搜索(sqlite-vec)
- 🚀 LLM/Embedding API 集成
- 🚀 原生扩展加速
- 🚀 GPU 加速
架构支持
- ✅ x64 (x86_64)
- ✅ ARM64 (aarch64)
版本: 8.0.1
许可: MIT-0
作者: xkzs2007
更新日志
v8.0.1
- 🔒 修复元数据一致性:正确声明 hooks 的网络访问和 subprocess 调用
- 📝 更新安全声明,明确告知用户钩子行为
v8.0.0
- 🎯 新增生命周期钩子:安装后自动拉取私有包
- 🎯 新增 onStartup 钩子:启动时自动检查更新
- 🔄 重构为"公开包 + 私有包"架构
Usage Guidance
This package is doing exactly what it says: when installed it will automatically git-clone a private 'privileged' repository from cnb.cool into ~/.openclaw/workspace/skills/llm-memory-integration/src/privileged and the gateway hook will check that repository on startup. That design is coherent but risky because code from an unfamiliar external host will be placed into your workspace and could contain native extensions or arbitrary executable code. Before installing consider: 1) Disable hooks during install (clawhub install llm-memory-integration --no-hooks) and manually inspect the remote repo (or clone to a sandbox) before copying its contents into your environment. 2) Only install if you trust the cnb.cool domain and/or maintain an internal mirror of the repo. 3) If you must auto-install, restrict network access or run the skill in an isolated environment/container. 4) Review the contents of the cloned repo (especially any native extensions, setup scripts, or code that could call external APIs) and verify signatures or hashes if available. 5) Note that many tests and functionality appear to rely on the private package; without it the public package falls back to the safe SQLite FTS implementation. If you want lower risk, keep the hooks disabled and use the public 'safe' implementation.
Capability Analysis
Type: OpenClaw Skill
Name: llm-memory-v8-fix
Version: 8.0.1
The skill bundle acts as a bootstrap wrapper that downloads an external 'private package' from cnb.cool during installation via a postinstall hook (hooks/postinstall.py). While this behavior is transparently documented in SKILL.md and metadata files, the practice of fetching and executing remote code at install-time is a high-risk pattern often used to bypass static analysis. Additionally, the included test suite (tests/test_all.py) references highly intrusive system-level optimizations—such as NUMA topology tuning, IRQ isolation, and HugePage management—which are unusually low-level and potentially risky for a standard LLM memory integration skill.
Capability Assessment
Purpose & Capability
Name/description and declared behavior align: the public package implements interfaces and a safe FTS fallback while lifecycle hooks clone a private 'privileged' package that provides high-performance/native extensions. The code and metadata consistently declare this architecture. Minor metadata mismatches exist (src/__init__ version is '7.0.0' while package metadata is '8.0.1') and many tests import 'core' modules that appear to be provided only by the private package — showing strong dependency on the cloned content.
Instruction Scope
SKILL.md explicitly documents the hooks and their actions. The hooks' code matches the documentation: postinstall.py runs git clone of the CNB repo into src/privileged/, and onStartup.py checks git status and writes logs. The instructions do not access unrelated system files or undeclared env vars. However the hooks will write files into the user's OpenClaw workspace and remove any existing privileged directory before cloning (shutil.rmtree), so they modify local filesystem in the declared skill area.
Install Mechanism
There is no packaged install spec but lifecycle hooks perform a 'git clone' from https://cnb.cool/llm-memory-integrat/llm.git — a non-well-known release host (not GitHub/GitLab/official release server). While cloning is documented, pulling arbitrary repository content from a personal/unknown domain is a higher-risk supply-chain action because that code will reside in the user's workspace and can contain native extensions or arbitrary executable code.
Credentials
The skill requests only binaries (python3, sqlite3, git) and filesystem read/write access to its own OpenClaw paths and network access to the CNB endpoint. It does not request unrelated credentials or broad environment variables. The declared capabilities (subprocess calls and network access) match what the hooks perform.
Persistence & Privilege
The skill is not forced-always, and does not modify other skills or system-wide configuration. Hooks run at install and gateway startup (normal lifecycle behavior). The skill does create/replace files inside its own workspace (src/privileged/) which is expected for its 'privileged package' design.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install llm-memory-v8-fix - After installation, invoke the skill by name or use
/llm-memory-v8-fix - Provide required inputs per the skill's parameter spec and get structured output
Version History
v8.0.1
修复元数据一致性:正确声明 hooks 的网络访问和 subprocess 调用行为
Metadata
Frequently Asked Questions
What is Llm Memory V8 Fix?
LLM Memory Integration - 接口层 + 自动化钩子。安装后自动从 CNB 仓库拉取私有增强包。 It is an AI Agent Skill for Claude Code / OpenClaw, with 69 downloads so far.
How do I install Llm Memory V8 Fix?
Run "/install llm-memory-v8-fix" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Llm Memory V8 Fix free?
Yes, Llm Memory V8 Fix is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Llm Memory V8 Fix support?
Llm Memory V8 Fix is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Llm Memory V8 Fix?
It is built and maintained by xkzs2007 (@xkzs2007); the current version is v8.0.1.
More Skills