← Back to Skills Marketplace
MnemoPay
by
t49qnsx7qt-kpanks
· GitHub ↗
· v1.1.0
· MIT-0
95
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install mnemopay
Description
Give any AI agent persistent memory and a wallet. Remember facts across sessions, recall with semantic search, charge for work delivered, track reputation. 1...
Usage Guidance
Do not install blindly. Key things to verify before using this skill:
- Source provenance: confirm the npm package and GitHub repo are legitimate, review the package code and maintainer identity.
- Installation risk: the SKILL.md tells the agent to run `npx @mnemopay/sdk` — that will fetch and execute remote code. Only allow this in a sandboxed environment after code review.
- Credentials and infrastructure: clarify what DB, Redis, and payment credentials are required and ensure they are provided via secure secret storage (not hard-coded). Ask how payment escrow is implemented and what third-party gateways are used.
- Autonomy and billing safeguards: require explicit human approval before any charge is created or settled; restrict autonomous invocation for payment-related tools; add limits and audit hooks.
- Data governance: ask how memories and logs are stored, encrypted, retained, and deleted (privacy/PDPA/GDPR concerns).
If you cannot validate the package source and the payment/back-end design, treat this skill as unsafe for production and run only in an isolated test environment with strict limits on network and financial actions.
Capability Analysis
Type: OpenClaw Skill
Name: mnemopay
Version: 1.1.0
The skill introduces high-risk capabilities by providing tools for financial transactions (`charge`, `settle`) and persistent memory management. It executes remote code via `npx -y @mnemopay/sdk` and includes specific instructions in `SKILL.md` for the agent to initiate charges and manage a wallet. While these features are consistent with the stated purpose, the combination of automated financial workflows and the use of an atypical GitHub repository source (`t49qnsx7qt-kpanks/mnemopay-sdk`) warrants a suspicious classification due to the potential for financial abuse or supply chain risk.
Capability Assessment
Purpose & Capability
The skill claims to provide persistent memory and a wallet, and the SKILL.md instructs using `npx @mnemopay/sdk` which explains the npx requirement. However, the skill claims payment/escrow functionality without declaring or requiring any payment-provider credentials, database connection strings, or other infrastructure details. The homepage GitHub path and registry owner information are opaque/unfamiliar, which increases uncertainty.
Instruction Scope
The SKILL.md instructs the agent to run `openclaw mcp set` which will cause the agent to execute `npx` to fetch an external SDK and run a persistent MCP server that stores memories, logs, and handles payments. The instructions reference many environment variables (MNEMOPAY_*, MNEMO_URL, AGENTPAY_URL) and persistent services (Postgres, Redis) but the registry metadata lists no required env or config. The skill's instructions also enable workflows that would allow the agent to create charges and settle payments; the guidance not to charge speculatively is a policy, not an enforcement mechanism.
Install Mechanism
There is no install spec in the registry, but the runtime instructions explicitly instruct dynamic installation/execution via `npx -y @mnemopay/sdk`. That causes arbitrary code from the npm registry to be fetched and run at agent runtime. The package and GitHub repo do not appear to be a well-known or verified source, increasing supply-chain risk.
Credentials
Registry metadata declares no required env vars, but the SKILL.md examples and workflows reference multiple MNEMOPAY_* variables and service URLs and expect persistent storage and payment endpoints. Payment functionality implies the need for secrets/credentials (payment gateway keys, DB URLs) that are neither declared nor described. This mismatch (no declared creds but clear need for them) is a red flag.
Persistence & Privilege
The skill instructs installation of a persistent MCP server that would hold memories, logs, and wallets. Although `always: false` and autonomous invocation is the platform default, this skill's ability to create charges and settle payments combined with the lack of declared authorization controls raises the risk that an agent could autonomously create financial transactions if misconfigured or exploited.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mnemopay - After installation, invoke the skill by name or use
/mnemopay - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Added reputation tool (13 tools total), hardened persistence
v1.0.0
AI agent memory + micropayments via MCP. 12 tools: remember, recall, forget, reinforce, consolidate, charge, settle, refund, balance, profile, logs, history.
Metadata
Frequently Asked Questions
What is MnemoPay?
Give any AI agent persistent memory and a wallet. Remember facts across sessions, recall with semantic search, charge for work delivered, track reputation. 1... It is an AI Agent Skill for Claude Code / OpenClaw, with 95 downloads so far.
How do I install MnemoPay?
Run "/install mnemopay" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is MnemoPay free?
Yes, MnemoPay is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does MnemoPay support?
MnemoPay is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created MnemoPay?
It is built and maintained by t49qnsx7qt-kpanks (@t49qnsx7qt-kpanks); the current version is v1.1.0.
More Skills