← Back to Skills Marketplace
johnnywang2001

OpenClaw Memory Upgrade

by John Wang · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
96
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install openclaw-memory-upgrade
Description
Complete guide to upgrading OpenClaw's memory system for persistent, searchable context across sessions. Implements 6 upgrades including enhanced memory flus...
Usage Guidance
Before installing or applying these instructions: - Review and back up openclaw.json and any AGENTS.md files before making edits; the SKILL.md proposes global config changes. - Remove or edit the 'TECHNICAL DETAILS' category in the memoryFlush prompt so the agent does NOT capture API keys, passwords, private keys, tokens, or other secrets into persistent memory files. Storing secrets in daily logs or MEMORY.md is unsafe. - If you must use a plugin (Mem0), identify the exact npm package name and inspect its source code (or use a vetted package) before running npm install. The skill provides no install spec or trusted URL. - Run changes in a sandbox or dev environment first to observe file I/O and behaviour, and search created memory files for unintended sensitive data. - Limit autonomous invocation until you trust the configuration: consider disabling auto-run of memoryFlush or require explicit user approval for writes. - If you want to proceed, create policies or scripts that redact secrets (API keys, tokens, credentials, private endpoints) from things the agent writes to memory, and consider encrypting persistent memory storage. If you want, I can: (a) produce a redacted memoryFlush prompt that excludes secret capture, (b) generate a safe checklist for reviewing openclaw.json changes, or (c) help draft an explicit install and verification plan for the Mem0 plugin.
Capability Analysis
Type: OpenClaw Skill Name: openclaw-memory-upgrade Version: 1.0.0 The skill is classified as suspicious because SKILL.md contains explicit instructions for the agent to extract and store sensitive information, including 'API keys' and 'configs', into plain-text markdown files. This creates a significant security vulnerability by centralizing secrets in an unencrypted format. Additionally, the bundle encourages the installation of third-party plugins like @mem0/openclaw-mem0 and references a 'security audit' regarding another plugin (Cognee), which could be a tactic to establish false trust while promoting high-risk data handling practices.
Capability Assessment
Purpose & Capability
The skill's name and description (persistent searchable memory) align with the instructions to add memoryFlush, session indexing, and file-based memory. However, the SKILL.md requires access to and edits of the global openclaw.json and AGENTS.md and asks for npm for a Mem0 plugin while the registry metadata declares no required config paths or install steps. Asking to modify top-level config and to install plugins is more privileged than the registry metadata indicates.
Instruction Scope
The runtime instructions explicitly tell the agent to read and write workspace memory files (MEMORY.md, memory/YYYY-MM-DD.md), modify openclaw.json and AGENTS.md, and index past session transcripts. Critically, the memoryFlush prompt directs extraction of 'TECHNICAL DETAILS (commands, configs, API keys, endpoints, file paths)', which would cause the agent to capture secrets and highly sensitive data into persistent files — this is scope creep beyond ordinary memory capture and is a privacy/security risk.
Install Mechanism
There is no install spec in the registry (instruction-only), but SKILL.md lists 'npm (for Mem0 plugin installation)' as a prerequisite and refers to a Mem0 plugin. The skill gives no vetted install source or package name and does not declare an install plan. Instruction-only distribution reduces direct install risk, but the missing, unverified npm install step is an operational gap and potential vector for supply-chain compromise.
Credentials
The registry declares no required environment variables or credentials, yet the instructions would cause the agent to extract and persist 'API keys' and other technical secrets into memory files. Requesting or instructing capture of secrets without declaring or justifying credential access is disproportionate and dangerous: it enables long-term storage (and possible exfiltration) of secrets in plaintext files.
Persistence & Privilege
always:false and normal autonomous invocation are fine, but the skill's recommended edits are to global OpenClaw config (openclaw.json, AGENTS.md) and creation of persistent memory files. That amounts to changing system-wide agent behavior and persistent data storage — acceptable for a memory upgrade but should be explicit and consented to. The skill does not declare these config paths in metadata, so it grants implicit, broad persistence privilege without transparency.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install openclaw-memory-upgrade
  3. After installation, invoke the skill by name or use /openclaw-memory-upgrade
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
OpenClaw Memory Upgrade 1.0.0 - Introduces a complete memory system upgrade for OpenClaw, featuring persistent, searchable context across sessions. - Implements 6 major enhancements: enhanced memory flush, session indexing, QMD hybrid search, Mem0 plugin integration, and robust manual memory management practices. - Memory flush now extracts 8 key categories before compaction, ensuring important details persist. - Past sessions and daily memory logs become searchable using both keyword and semantic methods with recency and diversity ranking. - Adds auto-capture and auto-recall of important facts using the Mem0 plugin, along with a knowledge graph. - Establishes a two-tier memory file system for curated long-term and raw daily memories, with agent instructions for ongoing memory hygiene.
Metadata
Slug openclaw-memory-upgrade
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is OpenClaw Memory Upgrade?

Complete guide to upgrading OpenClaw's memory system for persistent, searchable context across sessions. Implements 6 upgrades including enhanced memory flus... It is an AI Agent Skill for Claude Code / OpenClaw, with 96 downloads so far.

How do I install OpenClaw Memory Upgrade?

Run "/install openclaw-memory-upgrade" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is OpenClaw Memory Upgrade free?

Yes, OpenClaw Memory Upgrade is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does OpenClaw Memory Upgrade support?

OpenClaw Memory Upgrade is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created OpenClaw Memory Upgrade?

It is built and maintained by John Wang (@johnnywang2001); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments