← Back to Skills Marketplace
Engram Evomap
by
404-UNKNOW
· GitHub ↗
· v0.1.1
362
Downloads
0
Stars
2
Active Installs
2
Versions
Install in OpenClaw
/install engram-2
Description
The AEIF-based long-term memory hub for AI Agents to prevent repeating bugs.
README (SKILL.md)
🧬 engram — Agent Long-Term Experience Memory Hub
🤖 System Mind
You are equipped with an external long-term memory store based on the AEIF v1.0 (Agent Experience Interchange Format) protocol.
- Consult first: Before tackling a recurring error or a complex problem, search your memory for existing solutions.
- Commit success: After successfully resolving a significant challenge, "geneticize" the experience and store it immediately.
🎯 Automatic Trigger Rules
- Error Interception (Auto-Consult): When detecting signals such as
error,failed,SSL,404,EACCES, ortimeout, the system automatically retrieves and injects[EvoMap Advice]. - Task Distillation (Auto-Commit): After completing a multi-step complex task successfully, trigger
!exp committo preserve the logic for future sessions.
🛠️ Command Set
| Command | Action |
|---|---|
!exp consult '\x3Cproblem>' |
Performs a semantic search for historical solutions. Returns Top-3 matches. |
!exp commit |
Asynchronously distills current session history into a universal AEIF capsule. |
!exp list |
Displays memory statistics and a list of recently stored capsules. |
!exp score \x3Cid> --bad |
Provides negative feedback to a capsule, decreasing its TrustScore. |
📦 Output Specification
- Advice should be injected as a system observation wrapped in
---separators. - Focus on providing actionable
[PATCH],[CONFIG], or[WORKAROUND]steps. - Do not modify user-validated paths unless explicitly requested.
Usage Guidance
This skill appears to implement a local AEIF memory hub and mostly matches its description, but several practical risks exist you should consider before installing:
- Privacy: It will distill and store session history (rawPayload) in data/engram.db and a cache under your home directory. Any sensitive content present in session history could be persisted. If you plan to use it, review or change the storage paths and back up/secure the DB.
- Auto-commit / Auto-intercept: The skill auto-consults on error signals and can auto-commit distilled experiences. If you don't want the agent to persist conversations automatically, disable or modify the auto-commit behavior (or avoid invoking !exp commit). Prefer running it with manual commit only.
- Insecure suggestions: Seed capsules include explicit insecure workarounds (eg, git http.sslVerify false). Although the code has a verification engine, early drafts are stored with default trustScore and a boosting mechanism may still surface unsafe commands. Audit seed data and the capsule contents before enabling automatic injection.
- Network & model downloads: The embedding worker downloads models via @xenova/transformers at runtime. If you require offline-only operation, ensure models are available locally and verify the transformer's configuration (the code sets env.allowLocalModels = false despite a comment that suggests the opposite).
- External LLM usage: The distillation and verification steps call an llmClient (injected at runtime). If that client is configured to use a remote API, session history will be sent to the external LLM. Confirm where llmClient runs and whether it transmits data remotely.
Recommendations before installing:
- Audit and sanitize data/seeds (data/seeds/seeds.json) to remove any insecure commands you don't want suggested.
- Run the package in an isolated environment or container first, and inspect the DB contents after commits.
- Disable or sandbox automatic commit/interception behavior until you are comfortable with what gets stored and suggested.
- If you use a remote llmClient, treat the distillation pipeline as a potential data exfiltration vector and avoid sending sensitive session content to an external API.
If you want, I can point out the exact lines/files that implement storage, auto-commit, model download, and the seeds that contain insecure commands so you can review or patch them.
Capability Analysis
Type: OpenClaw Skill
Name: engram-2
Version: 0.1.1
The 'engram-evomap' bundle is a sophisticated local memory hub for AI agents that uses vector embeddings (via @xenova/transformers) and SQLite to store and retrieve debugging experiences. Security-positive features are present, including a 'GeneProcessor' (src/core/gene-processor.js) that explicitly instructs the LLM to strip sensitive data like IPs, paths, and credentials before storage, and a 'VerificationEngine' (src/core/verification-engine.js) that audits solutions for security anti-patterns. While some pre-loaded 'seeds' (data/seeds/seeds.json) suggest risky workarounds like disabling Git SSL verification, they include appropriate warnings and are standard developer fixes rather than malicious backdoors.
Capability Assessment
Purpose & Capability
The code, dependencies and binaries line up with the declared purpose: Node-based local embedding pipeline (@xenova/transformers), a sqlite-backed capsule store (better-sqlite3), worker threads for embedding, and APIs to consult/commit/list experiences. Requested runtime (node) and included packages are proportionate to a local semantic memory hub.
Instruction Scope
SKILL.md instructs the agent to auto-consult on error signals and to auto-commit distilled session experiences. The implementation will (a) scan runtime content for error signals and inject system advice, and (b) distill and persist session history into a local DB. Those instructions grant the skill broad discretion to read and store conversational context (including recent session content) without additional explicit user prompts or consent.
Install Mechanism
There is no platform install spec, but package.json includes standard npm dependencies (including native better-sqlite3 and @xenova/transformers). The embedding code downloads model artifacts at runtime via the transformers pipeline (network model fetch). No arbitrary personal servers or URL shorteners are used. Model download and native module installation are moderate risk operations and require network and build tool availability.
Credentials
The skill declares no required env vars or credentials (good). It does read process.env.NODE_ENV and process.platform for environment fingerprinting and writes to a default DB path (data/engram.db) and a cache dir under the user home (~/.engram_cache). While it does not request secrets, it will capture and persist session content (via distillation) and thus can inadvertently store sensitive data from conversations or context passed to its llmClient. The code also mutates the imported transformers' env object (env.allowLocalModels = false), which is inconsistent with its comment and worth reviewing.
Persistence & Privilege
The skill persists data to disk (data/engram.db and ~/.engram_cache) and stores full capsule JSON (rawPayload) and session-derived embeddings. It supports asynchronous auto-commit of session history. Although 'always' is false, autonomous invocation is allowed and could cause the agent to store conversation content without explicit per-commit consent. Seed capsules include insecure workaround commands (e.g., disabling git SSL verification), and the hybrid boosting + relaxed thresholds could surface those insecure suggestions as actionable advice.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install engram-2 - After installation, invoke the skill by name or use
/engram-2 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.1
Initial release of engram-2, establishing core functionality for AI agent long-term memory.
- Implements AEIF v1.0 protocol for experience storage and retrieval.
- Semantic search for historical solutions with `!exp consult`.
- Session history distillation and capsule creation with `!exp commit`.
- Memory statistics and capsule listing via `!exp list`.
- Capsule feedback and trust scoring with `!exp score`.
- Includes error interception and automatic experience advice injection.
v0.1.0
engram-2 v0.1.0
- Initial release of the engram-evomap skill, providing AEIF-based long-term memory for AI agents.
- Supports semantic search of past experiences, error-driven advice injection, and storing successful solutions.
- Adds commands: `!exp consult`, `!exp commit`, `!exp list`, and `!exp score`.
- Automatically retrieves advice on common errors and preserves logic after task success.
- Outputs advice in a specified format focused on actionable solutions.
Metadata
Frequently Asked Questions
What is Engram Evomap?
The AEIF-based long-term memory hub for AI Agents to prevent repeating bugs. It is an AI Agent Skill for Claude Code / OpenClaw, with 362 downloads so far.
How do I install Engram Evomap?
Run "/install engram-2" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Engram Evomap free?
Yes, Engram Evomap is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Engram Evomap support?
Engram Evomap is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Engram Evomap?
It is built and maintained by 404-UNKNOW (@404-unknow); the current version is v0.1.1.
More Skills