← Back to Skills Marketplace
532
Downloads
1
Stars
3
Active Installs
3
Versions
Install in OpenClaw
/install memory-ops
Description
Manage mandatory PostgreSQL memory operations with context retrieval, prompt logging, delegation tracking, and audit event recording using Memory_openclaw an...
Usage Guidance
Before installing: (1) Ask the author to explicitly list how the agent connects to the database (required env vars or connection string) and do not provide DB credentials unless you control the target database. (2) Verify the DB, schema, and sample data are deployed in an isolated/test database you control. (3) Remove or parameterize the hardcoded user_id='ian' and agent='jarvis' values so the skill cannot accidentally write other users' data. (4) Confirm where embeddings come from and whether an embedding model key is needed; ensure that is documented and minimal-scoped. (5) Require a retention and PII/secret-filtering policy — the skill logs every prompt/delegation and could persist sensitive data. (6) If you will allow autonomous invocation, restrict which agents can use this skill and audit the memory_audit table regularly. If the author cannot explain the DB connectivity and data governance, treat the skill as unsafe to enable in production.
Capability Analysis
Type: OpenClaw Skill
Name: memory-ops
Version: 0.1.2
The skill bundle is designed for memory management and auditing within a PostgreSQL database. While the `SKILL.md` instructions are benign and even include a positive security instruction ('Não salvar segredos sensíveis sem necessidade explícita'), the SQL files (`references/queries.sql`, `references/schema.sql`, `scripts/memory_ops_template.sql`) consistently use a hardcoded `user_id = 'ian'` and `agent = 'jarvis'`. This indicates a potential vulnerability related to multi-tenancy or user context management, where data might be inadvertently shared or accessed across users if the OpenClaw platform does not strictly enforce user isolation, classifying it as suspicious rather than benign due to this design flaw.
Capability Assessment
Purpose & Capability
Name/description claim Postgres + pgvector memory ops, and the included SQL/schema/templates implement exactly that. However the skill does not declare any way to connect to the database (no env vars, no connection path). That is an incoherence: it requires DB access in practice but asks for no credentials or config. Also many queries hardcode user_id='ian' and agent='jarvis', which is not general-purpose and suggests the package is tailored to a single account/agent.
Instruction Scope
SKILL.md instructs the agent to read memory before responding, save user prompts, log delegations and audit events — all consistent with the stated goal. It does not instruct any network exfiltration or access to unrelated system files. Missing are guidance about sanitization/filtering of secrets, retention policy, or how to obtain embeddings (the SQL expects a :query_embedding bind). The mandatory 'save every prompt/delegation' behavior increases risk of storing sensitive data if not filtered.
Install Mechanism
Instruction-only skill with no install spec and no code files that execute. This minimizes install-time risk; nothing is downloaded or written by an installer.
Credentials
The skill requests no environment variables or credentials but clearly needs database connection info (host/port/db/user/password or similar) and likely an embeddings model/key in real use. The absence of declared env vars is an inconsistency. Additionally, defaulting to a fixed user_id ('ian') and agent ('jarvis') may cause accidental cross-user data writes if reused in another environment.
Persistence & Privilege
The skill is not always-enabled and does not request special platform privileges, which is good. However its runtime protocol mandates writing every prompt/delegation and an audit row per turn — this persistent logging is expected for a memory/audit system but is privacy-sensitive and should be constrained by retention/permission policies and explicit DB credentials.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install memory-ops - After installation, invoke the skill by name or use
/memory-ops - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.2
- No functional changes; only metadata updated.
- No user-facing, protocol, or implementation modifications included in this version.
v0.1.1
- Added _meta.json file for enhanced metadata and skill management.
- No changes to core logic or protocol—functionality remains the same.
v0.1.0
Initial release: mandatory memory consult/write protocol for Memory_openclaw
Metadata
Frequently Asked Questions
What is Memory Ops?
Manage mandatory PostgreSQL memory operations with context retrieval, prompt logging, delegation tracking, and audit event recording using Memory_openclaw an... It is an AI Agent Skill for Claude Code / OpenClaw, with 532 downloads so far.
How do I install Memory Ops?
Run "/install memory-ops" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Memory Ops free?
Yes, Memory Ops is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Memory Ops support?
Memory Ops is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Memory Ops?
It is built and maintained by Ianleme (@ianleme); the current version is v0.1.2.
More Skills