← Back to Skills Marketplace
68
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install memory-secretary-v1-0-1
Description
智能管理与优化记忆文件,提供质量检查、重复任务检测、成功案例提取、工作模式分析和智能提醒。
Usage Guidance
This package is internally inconsistent: docs/tests reference many files and scripts that are not included, and the code—contrary to SKILL.md—creates and writes files under your workspace/memory. The README also tells users to force-install past VirusTotal warnings. Before installing, do the following: (1) inspect the full source yourself and confirm which files will be created under your workspace/memory and what they contain; (2) run the code in an isolated sandbox or VM with a backed-up test workspace (not your real memory data); (3) verify missing modules/scripts (smart_adaptive, daily_check, pilot_check, scripts/) — ask the author for a complete release or updated manifest; (4) do not use --force to bypass security warnings without code review; (5) if you proceed, point workspace_root to a dedicated test directory and check precisely what files are written. These contradictions are suspicious but do not prove intent to harm; require clarification or a corrected release.
Capability Analysis
Type: OpenClaw Skill
Name: memory-secretary-v1-0-1
Version: 1.0.1
The skill bundle is classified as suspicious primarily due to instructions in README.md and CHANGELOG.md that explicitly advise users to ignore security warnings (VirusTotal) and use installation overrides (--force). While the core logic in src/memory_secretary_lite.py appears to be a benign tool for analyzing local markdown files using Python standard libraries, the use of social engineering to dismiss security alerts is a classic indicator of potentially harmful intent or hidden payloads. No direct evidence of data exfiltration or malicious execution was found in the provided files, but the attempt to undermine security tooling warrants caution.
Capability Assessment
Purpose & Capability
The README/SKILL.md describe a local, read-only memory analysis tool with zero external deps, which roughly matches the core src/memory_secretary_lite.py. However __init__.py exports several modules (smart_adaptive, daily_check, pilot_check) and README/tests reference many scripts, config files and a 'scripts' directory that are not present in the package manifest. That mismatch (references to missing components) and the README/test expectations about workspace contents suggest the bundle is incomplete or expects external files in your workspace.
Instruction Scope
SKILL.md states the tool 'will not modify memory files' (read-only), yet the code initializes and creates a secretary_data_dir under the workspace/memory directory and saves reports (the quality check uses _save_report). The skill therefore writes files into your memory/ area despite claiming not to. Installation instructions (unzip into ~/.openclaw/skills/) are generic and the README encourages forcing install if VirusTotal flags it—this guidance is risky and inconsistent with 'from trusted source' practices.
Install Mechanism
No formal install spec is provided (instruction-only), but the package contains Python source and tests. The SKILL.md suggests manual unzip; there is no download URL in the manifest. Lack of an automated, verifiable install mechanism is not inherently malicious, but combined with the README's advice to use --force to bypass VirusTotal warnings increases risk.
Credentials
The skill declares no required credentials or env vars (good), but it accesses and writes under a workspace path (default '/home/admin/openclaw/workspace' or provided workspace_root). Tests and docs expect a 'memory' directory and 'scripts' — if those contain sensitive data, the skill will read them and it will also write report files under memory/secretary. The write behavior contradicts the claimed read-only scope and is disproportionate to the 'do not modify' assertion.
Persistence & Privilege
The skill does not request 'always: true' and uses normal autonomous invocation settings, which is fine. However it will create directories and persist reports under your workspace/memory, giving it persistent on-disk footprint. Combined with mismatches and the encouragement to bypass VirusTotal warnings, this persistent write access raises concern and warrants sandboxed testing before use.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install memory-secretary-v1-0-1 - After installation, invoke the skill by name or use
/memory-secretary-v1-0-1 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- 新增功能说明文档 SKILL.md,详细介绍技能用途、核心功能、安装与使用方法
- 公开了六大核心功能,包括记忆质量管理、重复工作检测、成功案例提取等
- 明确了零外部依赖、小体积和快速部署等技术特点
- 提供了文件结构、测试方法及常见问题解答
- 更新日志中保留了 1.0.0 的基础变更描述
- 增加了支持与联系方式信息
Metadata
Frequently Asked Questions
What is 记忆秘书?
智能管理与优化记忆文件,提供质量检查、重复任务检测、成功案例提取、工作模式分析和智能提醒。 It is an AI Agent Skill for Claude Code / OpenClaw, with 68 downloads so far.
How do I install 记忆秘书?
Run "/install memory-secretary-v1-0-1" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is 记忆秘书 free?
Yes, 记忆秘书 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does 记忆秘书 support?
记忆秘书 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created 记忆秘书?
It is built and maintained by yhm2084 (@yhm2084); the current version is v1.0.1.
More Skills