← Back to Skills Marketplace
xqicxx

secure-memory-stack

by xqicxx · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
1936
Downloads
3
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install secure-memory-stack
Description
一个安全的本地化记忆系统,结合百度Embedding语义搜索、Git Notes结构化存储和文件系统,确保数据隐私和安全。
Usage Guidance
Key points before installing: 1) This package claims 'local-only' but many scripts will call external Baidu embedding APIs if you provide credentials — don't provide BAIDU_API_* keys unless you trust the implementation and need remote embedding. 2) Inspect scripts that run Python modules from /root/clawd/skills/* — those imports execute code from other skill folders; ensure those modules are trusted. 3) The skill creates and modifies many files under /root/clawd and runs chmod -R on that workspace; run in an isolated test environment (non-root) or snapshot/backup /root/clawd before use. 4) Because there is no explicit install spec for dependencies, verify how memory-baidu-embedding-db and git-notes-memory are installed and from what sources. 5) If you want to proceed, run the skill in a sandbox/container, avoid supplying real secret credentials until you audit the code paths that send data externally, and consider setting file-system permissions/ownership limits so the skill cannot alter unrelated system files.
Capability Analysis
Type: OpenClaw Skill Name: secure-memory-stack Version: 1.0.0 The skill 'secure-memory-stack' is designed as a secure, localized memory system. All analyzed files consistently reinforce its stated purpose of local data storage, zero data upload, and privacy protection. Scripts primarily perform diagnostic checks, system setup, maintenance, and memory operations (add, search) within the designated `/root/clawd` workspace, utilizing Python and Git for its core functionality. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts, or obfuscation. The use of shell commands, Python, and file system access is directly aligned with the skill's legitimate operations.
Capability Assessment
Purpose & Capability
The skill claims '完全本地化 / 零数据上传' but many scripts and docs require or attempt to use Baidu embedding APIs (BAIDU_API_STRING / BAIDU_SECRET_KEY) and import modules that contact external services. The registry metadata lists no required env vars while clawdbot.skill.json includes optional Baidu keys; several runtime scripts treat those keys as mandatory. This is a mismatch between the stated purpose (local-only) and the capability (optional external API integration).
Instruction Scope
SKILL.md and the included scripts instruct the agent to create, read, and modify many files and directories under /root/clawd (MEMORY.md, SESSION-STATE.md, memory/, backups/, .git operations). Several scripts (startup checks, verification, diagnose) import and run Python modules from other skills' directories (e.g., memory-baidu-embedding-db, git-notes-memory, baidu-vector-db), run git operations, and run arbitrary Python code. Some scripts will fail or exit if Baidu env vars are not present, so their behavior is conditional but intrusive. The skill also runs recursive chmod and copies files — broader file-system access than a minimal memory helper.
Install Mechanism
There is no formal install spec (instruction-only), which reduces direct supply-chain risk, but package.json declares Node dependencies (memory-baidu-embedding-db, git-notes-memory) and scripts expect Python modules under /root/clawd/skills/… . The code assumes other skill packages or modules are present on-disk; lack of a clear, trusted install/retrieval mechanism for those dependencies is an inconsistency and increases operational fragility.
Credentials
The repository and scripts reference sensitive environment variables (BAIDU_API_STRING, BAIDU_SECRET_KEY, BAIDU_API_KEY, BAIDU_EMBEDDING_ACTIVE, EMBEDDING_CACHE_ENABLED, PERFORMANCE_MODE) yet the registry metadata declared 'Required env vars: none' (and BAIDU keys marked optional). Several scripts actively require those env vars and will exit on missing credentials. Asking for secret API credentials to use an 'offline' memory system is disproportionate unless the user explicitly enables semantic search; this contradiction should be clearly documented and enforced only when necessary.
Persistence & Privilege
always is false (good), but the skill's scripts create and modify files under /root/clawd, initialize git repos, set global file permissions (chmod -R 755 on workspace), write backups, and update SESSION/MEMORY files. Those actions give the skill broad filesystem persistence within the Clawd workspace and can alter other skills' directories (it probes /root/clawd/skills/* and checks WHITELISTED.md). While not necessarily malicious, these are high-privilege operations and warrant caution.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install secure-memory-stack
  3. After installation, invoke the skill by name or use /secure-memory-stack
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
--- name: secure-memory-stack version: 1.0.0 description: A secure localized memory system integrating Baidu Embedding semantic search, Git Notes structured storage, and the file system to guarantee data privacy and security. triggers: - "setup memory" - "configure memory" - "secure memory" - "local memory" - "privacy memory" author: Clawdbot Team --- # Secure Memory Stack A secure localized memory system integrating Baidu Embedding semantic search, Git Notes structured storage, and the file system to guarantee data privacy and security. ## Features - ✅ **Fully Localized** - All data is stored on local devices - ✅ **Zero Data Upload** - No data is sent to any external services - ✅ **Semantic Search** - Semantic similarity search powered by Baidu Embedding - ✅ **Structured Storage** - Structured memory management provided by Git Notes - ✅ **File System** - Traditional file storage for easy management - ✅ **Hybrid Search** - Semantic + keyword + tag integrated search - ✅ **Privacy Protection** - Full data ownership and sovereignty ## Quick Installation ```bash clawdhub install secure-memory-stack One-Click Initialization bash 运行 # Initialize the secure memory system bash /root/clawd/create/secure-memory-stack/scripts/setup.sh API Configuration Guide The system will automatically detect and guide you to configure required API keys: Baidu Embedding API (optional) Other optional services Usage Guide 1. System Initialization bash 运行 # First-time setup secure-memory setup 2. Check System Status bash 运行 # Check the status of the memory system secure-memory status 3. Add Memories bash 运行 # Add structured memories via Git Notes secure-memory remember "Critical Decision: Adopt a localized memory system" --tags decision,security --importance high # Update MEMORY.md to add long-term memories secure-memory add-longterm "User Preference: Concise and efficient communication" 4. Search Memories bash 运行 # Semantic search secure-memory search "security configuration" # Structured search by tags secure-memory find --tag security # File-based search secure-memory lookup "user preferences" 5. System Maintenance bash 运行 # Check system health status secure-memory health # View statistical information secure-memory stats Error Handling Common Errors and Solutions Error 1: "Failed to connect to Baidu Embedding API" Solution: Verify the configuration of your Baidu API key Run: secure-memory configure baidu Error 2: "Git Notes system unavailable" Solution: Ensure Git is installed and configured correctly Run: secure-memory fix git Error 3: "File permission error" Solution: Check workspace access permissions Run: secure-memory fix permissions Error 4: "No search results found" Solution: Confirm that the index has been updated Run: secure-memory refresh Configuration Files The system will create configuration files at the following paths: /root/clawd/memory_config.json - Main configuration file /root/clawd/MEMORY.md - Long-term memory storage /root/clawd/SESSION-STATE.md - Session state records /root/clawd/memory/ - Daily logs Directory Structure plaintext /root/clawd/ ├── MEMORY.md # Long-term memories ├── SESSION-STATE.md # Active working memory ├── memory/ # Daily logs │ ├── YYYY-MM-DD.md # Daily memory logs │ └── ... # Historical logs ├── notes/ # Knowledge organization │ ├── projects/ # Project records │ ├── areas/ # Domain-specific content │ ├── resources/ # Resource files │ └── archive/ # Archived content └── skills/secure-memory-stack/ ├── scripts/ # Management scripts ├── configs/ # Configuration templates └── docs/ # Documentation Command Reference Core Commands secure-memory setup - Initialize the system secure-memory status - Check system status secure-memory search <query> - Perform semantic search secure-memory remember <content> - Add a new memory secure-memory health - Run system health check secure-memory configure <service> - Configure API for a service secure-memory fix <component> - Repair a system component Advanced Commands secure-memory refresh - Refresh search indexes secure-memory backup - Back up all memory data secure-memory restore - Restore memory data from backup secure-memory export - Export memory data secure-memory stats - View system statistics Security Features Local Storage: All data is stored exclusively on the local machine Zero Upload: No data transmission to external services Access Control: Restricted to local machine access only Privacy Protection: Full user data sovereignty Encryption Support: Optional local data encryption Troubleshooting If you encounter issues, run: bash 运行 secure-memory diagnose This will execute a full system diagnosis and provide targeted solutions. System Update bash 运行 clawdhub update secure-memory-stack System Uninstallation bash 运行 secure-memory cleanup Note: This will delete all configuration files but will not remove your memory files. Contribution Issues and Pull Requests are welcome to help improve this skill. plaintext --- 如果需要,我还可以帮你把这份文档调整为**更适合GitHub发布的README格式**,要不要我帮你优化一下?
Metadata
Slug secure-memory-stack
Version 1.0.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is secure-memory-stack?

一个安全的本地化记忆系统,结合百度Embedding语义搜索、Git Notes结构化存储和文件系统,确保数据隐私和安全。 It is an AI Agent Skill for Claude Code / OpenClaw, with 1936 downloads so far.

How do I install secure-memory-stack?

Run "/install secure-memory-stack" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is secure-memory-stack free?

Yes, secure-memory-stack is completely free (open-source). You can download, install and use it at no cost.

Which platforms does secure-memory-stack support?

secure-memory-stack is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created secure-memory-stack?

It is built and maintained by xqicxx (@xqicxx); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments