โ Back to Skills Marketplace
Memphis
by
elathoxu-crypto
ยท GitHub โ
ยท v3.0.0
516
Downloads
0
Stars
1
Active Installs
3
Versions
Install in OpenClaw
/install memphis
Description
๐ฅ Memphis - Complete AI Brain for OpenClaw Agents ALL-IN-ONE meta-package with everything you need: ๐ง Core Features: - Local-first memory chains (journal,...
Usage Guidance
This package is plausible for an 'AI brain' CLI, but several things don't add up and you should verify before installing or running it:
- Audit the memphis CLI code (the actual executable installed by clawhub). This SKILL.md is only instructions โ the dangerous behavior would be in the CLI implementation.
- Confirm default network behavior: is IPFS/share-sync disabled by default? What data is shared, and with whom? Do not run share-sync or any 'share' or 'sync' commands until you understand defaults.
- Treat the vault and example commands as potentially sensitive: the docs show using MEMPHIS_VAULT_PASSWORD and storing API keys (openai-key). Ensure you do not add real secrets until you trust the implementation. Ask for details on vault encryption and key derivation.
- Review what 'memphis git-analyze --auto-decide' inspects (full repo history? other repos/home files?). That command can read and infer from local git history; run it in a sandbox first.
- Because the skill is instruction-only, the direct risk comes from the external memphis binary. Install and test in an isolated environment (VM/container) and inspect network traffic before using on sensitive data.
If the publisher can provide (or you can find) the memphis CLI source code and clear documentation of default network/telemetry behavior and vault key management, re-evaluate after reviewing those. If you cannot review the implementation, treat this as higher-risk and run only in isolated environments.
Capability Analysis
Type: OpenClaw Skill
Name: memphis
Version: 3.0.0
The skill 'Memphis' is classified as suspicious due to its extensive set of high-risk capabilities, including encrypted secret management (`memphis vault`), multi-agent network communication and data sharing (`memphis network`, `memphis share-sync`), background agent persistence (`memphis daemon`), and broad file system access (journaling, backups, ingestion). While these features are presented as core functionalities for an 'AI Brain' and multi-agent system, their inherent power creates a significant attack surface for potential vulnerabilities (e.g., secret leakage, unauthorized network access, arbitrary file manipulation) if not implemented with robust security. There is no explicit evidence of malicious intent or prompt injection against the agent within the provided documentation (SKILL.md, skill.json, README.md, QUICKSTART.md), but the elevated risk profile prevents a 'benign' classification.
Capability Assessment
Purpose & Capability
The name/description (local-first AI brain with vault, memory chains, git analysis, IPFS share-sync) generally align with the CLI commands shown. However the README/SKILL.md emphasize 'offline-first' and 'privacy-first' while also advertising multi-agent sync via IPFS and 'share-sync' โ a direct conflict unless network features are optional and opt-in. The skill declares no required credentials or env vars, yet the docs show using a vault password and storing API keys. These inconsistencies reduce confidence that the declared metadata accurately represents required capabilities.
Instruction Scope
SKILL.md instructs running CLI commands that read and write persistent data (journal, vault, backups, logs at ~/.memphis), analyze git history (memphis git-analyze --auto-decide), and sync/share via IPFS. Those actions can access large amounts of local information and (optionally) transmit it to external networks. The docs also include vault use examples (memphis vault add openai-key sk-xxx) and reference env var usage (MEMPHIS_VAULT_PASSWORD). The skill text does not limit or explain default network behavior (what is shared by default), and a truncated section suggests more network features. Instruction scope therefore goes beyond simple local queries and could result in broad data access/transmission.
Install Mechanism
This is an instruction-only skill with no install spec or embedded code files, which means the skill itself does not drop code onto the system. That lowers immediate risk from the skill bundle. However the instructions rely on an external CLI (memphis) installed via 'clawhub install memphis' โ which is outside this package and needs auditing separately.
Credentials
skill.json and registry metadata declare no required env vars or primary credential, but SKILL.md examples reference MEMPHIS_VAULT_PASSWORD and show adding secrets like 'openai-key sk-xxx' to the vault. The skill claims to manage encrypted secrets yet does not declare or explain required env config or how keys are protected. Requesting or handling API keys and vault passwords is proportionate to a vault feature, but the omission from the declared requirements is an incoherence and increases risk (user may unknowingly expose secrets when following examples).
Persistence & Privilege
always is false (good). Model invocation is allowed (default). The skill describes persistent storage (vault, chains, backups) and network sync; those are normal for the feature set but increase the blast radius if network sharing is enabled. The package does not try to modify other skills or system-wide agent settings in the provided content.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install memphis - After installation, invoke the skill by name or use
/memphis - Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.0
Memphis 3.0.0 is a major upgrade, introducing a complete all-in-one AI brain package for agents.
- New: Comprehensive SKILL.md with feature overview, setup, and usage examples
- Added: QUICKSTART.md and expanded README.md for fast onboarding
- Added: skill.json for structured skill metadata and discoverability
- Removed: Outdated command reference (references/commands.md), now integrated into core docs
- Improved: Detailed documentation of cognitive models, decision tracking, encrypted vault, and multi-agent capabilities
v1.0.0
Memphis AI brain integration โ auto-journal decisions, insights, code changes. OpenClaw uses Memphis CLI automatically during sessions.
v1.1.0
Refaktoryzowany z model selection i auto-switching
Metadata
Frequently Asked Questions
What is Memphis?
๐ฅ Memphis - Complete AI Brain for OpenClaw Agents ALL-IN-ONE meta-package with everything you need: ๐ง Core Features: - Local-first memory chains (journal,... It is an AI Agent Skill for Claude Code / OpenClaw, with 516 downloads so far.
How do I install Memphis?
Run "/install memphis" in the OpenClaw or Claude Code chat to install it in one step โ no extra setup required.
Is Memphis free?
Yes, Memphis is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Memphis support?
Memphis is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Memphis?
It is built and maintained by elathoxu-crypto (@elathoxu-crypto); the current version is v3.0.0.
More Skills