← Back to Skills Marketplace
regan-milne

Claw Store Skill

by Regan-Milne · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
345
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install claw-store-skill
Description
Sovereign, recoverable memory for AI agents backed by Jackal decentralized storage.
README (SKILL.md)

Claw Store

Persist your memory across sessions and machines. Your data lives on Jackal Protocol decentralized storage — not on any single machine. If the machine dies, your memory survives.

All content is encrypted client-side with AES-256-GCM before leaving your machine. The server never sees plaintext.

Setup

  1. Get an API key: https://web-production-5cce7.up.railway.app/auth/login
  2. Set environment variable: JACKAL_MEMORY_API_KEY=\x3Cyour-key>
  3. Install dependency: pip install cryptography
  4. On first save, an encryption key is auto-generated and saved to ~/.config/jackal-memory/key. To use the same key on other machines, copy it: 
    python {baseDir}/jackal-memory/client.py keygen
    Set JACKAL_MEMORY_ENCRYPTION_KEY=\x3Cyour-key> — this takes priority over the key file.

Base URL

https://web-production-5cce7.up.railway.app

Auth

Authorization: Bearer $JACKAL_MEMORY_API_KEY

Usage

On session start — restore memory:

python {baseDir}/jackal-memory/client.py load \x3Ckey>

On session end — save memory:

python {baseDir}/jackal-memory/client.py save \x3Ckey> \x3Ccontent>

Check storage usage:

python {baseDir}/jackal-memory/client.py usage

Or call the API directly:

GET  /load/{key}
POST /save       {"key": "...", "content": "..."}
GET  /usage

Behaviour guidelines

  • Load your identity/memory blob on startup before doing any work
  • Write locally during the session as normal
  • Call save at session end or on significant state changes
  • Use descriptive keys: identity, session-2026-02-26, project-jackal
  • Never log or expose JACKAL_MEMORY_API_KEY in output
  • Never log or expose JACKAL_MEMORY_ENCRYPTION_KEY in output

Security

  • All content is encrypted before leaving your machine — the server cannot read your memories
  • Never paste API keys or encryption keys into chat logs
  • Back up your encryption key: python {baseDir}/jackal-memory/client.py keygen
  • Treat memory content as sensitive — it may contain credentials or personal data
Usage Guidance
This package appears to do what it says: it encrypts memories locally and sends ciphertext to a remote service. Before installing, consider: (1) Trust the remote host (https://web-production-5cce7.up.railway.app) because while it cannot read your plaintext, it will see key names, sizes, and CIDs and will accept requests guarded by your JACKAL_MEMORY_API_KEY. (2) Securely back up your encryption key — losing it makes data unrecoverable; leaking it lets an attacker decrypt stored memories. The client prints the key on keygen and will create ~/.config/jackal-memory/key, so avoid running keygen in shared logs or shells. (3) If you need stronger assurance, self-host the server endpoint or audit the server code; you can also review the included client.py (provided) to confirm no hidden behavior. (4) Do not store long-lived secrets in memories unless you accept the risk profile described above.
Capability Analysis
Type: OpenClaw Skill Name: claw-store-skill Version: 1.0.0 The skill bundle is benign. The `SKILL.md` provides clear, secure instructions for the AI agent, including explicit guidance to 'Never log or expose JACKAL_MEMORY_API_KEY' or 'JACKAL_MEMORY_ENCRYPTION_KEY', which are good security practices rather than prompt injection attacks. The `jackal-memory/client.py` script implements client-side AES-256-GCM encryption for data before sending it to the specified external API (`https://web-production-5cce7.up.railway.app`). It handles API keys and encryption keys securely via environment variables or a dedicated local configuration file (`~/.config/jackal-memory/key`). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or other harmful behaviors.
Capability Assessment
Purpose & Capability
Name/description (recoverable agent memory backed by Jackal) match the implementation: the client encrypts data client-side and POSTs/GETs to the declared BASE_URL. Requiring JACKAL_MEMORY_API_KEY is proportional to accessing a remote storage API.
Instruction Scope
SKILL.md instructions align with the client.py implementation: it reads/writes an encryption key under ~/.config/jackal-memory/, reads JACKAL_MEMORY_API_KEY and optional JACKAL_MEMORY_ENCRYPTION_KEY, and provides save/load/usage commands. The instructions do not ask the agent to read unrelated files or exfiltrate other environment variables.
Install Mechanism
No install spec is included; this is an instruction-plus-script package. The only runtime dependency is the standard cryptography Python package (SKILL.md instructs pip install cryptography). No external downloads, archive extraction, or obscure install URLs are used.
Credentials
Only JACKAL_MEMORY_API_KEY (required) and JACKAL_MEMORY_ENCRYPTION_KEY (optional override) are used. This is proportional, but users must understand that the API key grants access to the remote service and that metadata (key names, sizes, CIDs) will be visible to that service even though content is AES-256-GCM-encrypted client-side.
Persistence & Privilege
The skill is not forced-always, is user-invocable, and does not modify other skills or system-wide settings. It writes a key file only under ~/.config/jackal-memory/ which is within its stated scope.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install claw-store-skill
  3. After installation, invoke the skill by name or use /claw-store-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the claw_store skill for sovereign, recoverable AI memory backed by Jackal decentralized storage. - Supports encrypted, client-side AES-256-GCM memory storage and retrieval across sessions and machines. - Requires setup with a JACKAL_MEMORY_API_KEY and optional custom encryption key. - Includes usage instructions for saving, loading, and checking storage usage via CLI or direct API calls. - Emphasizes strong security practices: no plaintext leaves the client, and keys must not be logged or exposed.
Metadata
Slug claw-store-skill
Version 1.0.0
License
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Claw Store Skill?

Sovereign, recoverable memory for AI agents backed by Jackal decentralized storage. It is an AI Agent Skill for Claude Code / OpenClaw, with 345 downloads so far.

How do I install Claw Store Skill?

Run "/install claw-store-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Claw Store Skill free?

Yes, Claw Store Skill is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Claw Store Skill support?

Claw Store Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Claw Store Skill?

It is built and maintained by Regan-Milne (@regan-milne); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments