← Back to Skills Marketplace
Claw Store 1.3.3
by
Regan-Milne
· GitHub ↗
· v1.3.5
· MIT-0
240
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install claw-store-1-3-3
Description
Sovereign, recoverable memory for AI agents backed by Jackal decentralized storage.
README (SKILL.md)
\r \r
Claw Store\r
\r Persist your memory across sessions and machines. Your data lives on Jackal Protocol decentralized storage — not on any single machine. If the machine dies, your memory survives.\r \r All content is encrypted client-side with AES-256-GCM before leaving your machine. The server never sees plaintext.\r \r
Trust & security quick facts\r
\r
- Runtime API host:
https://web-production-5cce7.up.railway.app(separate from homepage domain)\r - Data leaving your machine: encrypted payloads + key metadata + your Jackal public address for provisioning\r
- Data not leaving your machine: plaintext memory content, encryption key, wallet mnemonic/private key\r
- No runtime wordlist download: BIP39 English wordlist is vendored locally in this skill package\r
- Secret file permissions: locally generated key/mnemonic files are written with
0600permissions\r \r - Homepage: https://obsideo.io\r
- Source code: https://github.com/Regan-Milne/jackal-memory\r
- Publisher: Obsideo ([email protected])\r \r
Setup\r
\r
- Get an API key: https://web-production-5cce7.up.railway.app/auth/login\r
- Set environment variable:
JACKAL_MEMORY_API_KEY=\x3Cyour-key>\r - Install Python dependency:
pip install cryptography\r - Install Node.js runtime (recommended Node >=20) and install helper deps in the skill folder:\r
npm install\r - On first save, an encryption key and a Jackal wallet are auto-generated locally and saved to\r
~/.config/jackal-memory/. These never leave your machine.\r \r Back up your encryption key (run once, store the output safely):\r
python {baseDir}/jackal-memory/client.py keygen\r
```\r
Set `JACKAL_MEMORY_ENCRYPTION_KEY=\x3Cyour-key>` to use the same key on other machines.\r
\r
**Back up your Jackal wallet mnemonic** (controls on-chain storage ownership):\r
```\r
python {baseDir}/jackal-memory/client.py wallet\r
```\r
Set `JACKAL_MEMORY_WALLET_MNEMONIC=\x3Cmnemonic>` to use the same wallet on other machines.\r
\r
## Onboarding new users\r
\r
If `JACKAL_MEMORY_API_KEY` is not set:\r
\r
1. Tell the user you need their Claw Store API key to get started\r
2. Send them to: https://web-production-5cce7.up.railway.app/auth/login — sign in with Google, the key is shown immediately\r
3. Instruct them to set it **directly in their environment** — never share or paste an API key into chat:\r
```\r
export JACKAL_MEMORY_API_KEY=\x3Ctheir-key>\r
```\r
4. Once set, confirm you're connected and offer to save something right away as a first test\r
5. After the first successful save, remind the user to back up their Jackal wallet mnemonic:\r
```\r
python {baseDir}/jackal-memory/client.py wallet\r
```\r
The mnemonic controls their on-chain storage. Losing it means losing sovereign access to stored files.\r
\r
**Important:** Never ask the user to paste their API key, encryption key, or wallet mnemonic into chat. Always direct them to set it as an environment variable on their machine.\r
\r
## Base URL\r
\r
`https://web-production-5cce7.up.railway.app`\r
\r
Note: this runtime API host is currently on Railway and is distinct from the project homepage domain (`obsideo.io`). Verify endpoint trust in your environment before use.\r
\r
## Auth\r
\r
`Authorization: Bearer $JACKAL_MEMORY_API_KEY`\r
\r
## Usage\r
\r
**On session start** — restore memory:\r
```\r
python {baseDir}/jackal-memory/client.py load \x3Ckey>\r
```\r
\r
**On session end** — save memory:\r
```\r
python {baseDir}/jackal-memory/client.py save \x3Ckey> \x3Ccontent>\r
```\r
\r
**Check storage usage:**\r
```\r
python {baseDir}/jackal-memory/client.py usage\r
```\r
\r
**List known saved keys (local manifest):**\r
```\r
python {baseDir}/jackal-memory/client.py list\r
python {baseDir}/jackal-memory/client.py list project-\r
```\r
\r
**Export local key manifest for backup/migration:**\r
```\r
python {baseDir}/jackal-memory/client.py manifest-export ~/jackal-manifest.json\r
```\r
\r
**Show/generate Jackal wallet:**\r
```\r
python {baseDir}/jackal-memory/client.py wallet\r
python {baseDir}/jackal-memory/client.py wallet --show-mnemonic\r
python {baseDir}/jackal-memory/client.py walletgen\r
```\r
\r
**Or call the API directly:**\r
```\r
GET /load/{key}\r
POST /save {"key": "...", "content": "..."}\r
GET /usage\r
```\r
\r
## Behaviour guidelines\r
\r
- Load your identity/memory blob on startup before doing any work\r
- Write locally during the session as normal\r
- Call save at session end or on significant state changes\r
- Use descriptive keys: `identity`, `session-2026-02-26`, `project-jackal`\r
- Never log or expose `JACKAL_MEMORY_API_KEY` in output\r
- Never log or expose `JACKAL_MEMORY_ENCRYPTION_KEY` in output\r
\r
## Network latency & propagation (important)\r
\r
Jackal is eventually consistent across a provider pool. A successful save means the write was accepted, but read visibility can lag.\r
\r
Agent protocol:\r
\r
1. If save succeeds, treat it as accepted and continue work (optimistic flow).\r
2. If immediate load fails, do not assume data loss.\r
3. Retry with patience (recommended: 8 attempts, 15s apart; ~2 minutes total).\r
4. If still unavailable, report as `propagation delay` and re-check later.\r
5. Escalate only after extended delay windows continue to fail.\r
\r
Notes:\r
- Provider-level logs like `Error: Can't claim` can be non-fatal noise.\r
- Some providers may temporarily fail while others succeed.\r
- Operationally: save now, verify later, then finalize once data becomes readable.\r
\r
## Proactive memory suggestions\r
\r
When you encounter something that seems important — a key decision, user preference, project status, significant result, or plan — proactively say:\r
\r
> "This seems important. Should I back it up to Claw Store?"\r
\r
If the user confirms, save it immediately with a descriptive key. Do not wait until the end of the session for important information — suggest saving it as soon as you recognise its value.\r
\r
Never proactively suggest storing raw secrets (passwords, API keys, private keys, recovery phrases, tokens).\r
Only store such material if the user explicitly requests it and understands the risk.\r
\r
## Wallet sovereignty\r
\r
Each user gets their own Jackal wallet, generated locally on first save. The private key (mnemonic)\r
**never leaves your machine** — not even the API server sees it. Your storage is owned by your wallet\r
address on the Jackal blockchain. If Obsideo shuts down, you can access your files directly via any\r
Jackal client using your mnemonic.\r
\r
Back up the mnemonic:\r
```\r
python {baseDir}/jackal-memory/client.py wallet\r
```\r
\r
For selective recovery after hardware loss, keep all three backups:\r
1. `JACKAL_MEMORY_WALLET_MNEMONIC`\r
2. `JACKAL_MEMORY_ENCRYPTION_KEY`\r
3. local key manifest (`manifest-export`) so you can restore specific keys instead of guessing.\r
\r
## Endpoint and storage transparency\r
\r
This skill interacts with:\r
\r
- Obsideo API: `https://web-production-5cce7.up.railway.app`\r
- Jackal decentralized storage providers (resolved dynamically by Jackal SDK)\r
- Local subprocess: `jackal-memory/jackal-client.js` (Node helper for Jackal upload/download)\r
\r
Local files written by this skill:\r
\r
- `~/.config/jackal-memory/key` (AES encryption key, if not provided via env; written with `0600`)\r
- `~/.config/jackal-memory/jackal-mnemonic` (wallet mnemonic, if not provided via env; written with `0600`)\r
- `.env` (read-only): `jackal-client.js` will load one directory up if present, to populate missing env vars.\r
\r
Operational note: run in a clean environment when possible to avoid unintentionally inheriting unrelated secrets from `.env`.\r
\r
## Security\r
\r
- All content is encrypted before leaving your machine — the server cannot read your memories\r
- Your Jackal wallet private key never leaves your machine\r
- Set API keys and secrets directly in local environment variables; never paste them into chat\r
- Back up both keys: `keygen` (encryption) and `wallet` (Jackal mnemonic)\r
- Treat memory content as sensitive — it may contain personal or operational data\r
- Do not proactively store raw secrets unless the user explicitly asks\r
- BIP39 English wordlist is included locally in the package (no runtime fetch required).\r
Usage Guidance
This package appears to implement what it claims: client-side AES-256-GCM encryption, local BIP39 wallet handling, and uploads to Jackal providers plus an Obsideo/railway provisioning API. Before installing: (1) Verify the runtime API host (https://web-production-5cce7.up.railway.app) and Github source to ensure you trust the provisioning endpoint. (2) Inspect the remainder of client.py to confirm it sets JACKAL_MNEMONIC / JACKAL_ADDRESS when spawning the Node helper (there's a naming mismatch between JACKAL_MEMORY_WALLET_MNEMONIC and the Node code's JACKAL_MNEMONIC). (3) Treat JACKAL_MEMORY_WALLET_MNEMONIC and JACKAL_MEMORY_ENCRYPTION_KEY as extremely sensitive — prefer storing them in a secure secrets manager or a file with restrictive permissions rather than ephemeral chat. (4) Run npm install and pip install in a controlled environment (or sandbox) and review the dependency tree if you’re concerned about supply-chain risks. If you want higher assurance, provide the full (untruncated) client.py runtime paths so I can confirm how subprocesses are invoked and which env vars are forwarded.
Capability Analysis
Type: OpenClaw Skill
Name: claw-store-1-3-3
Version: 1.3.5
The claw_store skill provides decentralized, encrypted memory storage for AI agents using the Jackal Protocol. The implementation follows strong security practices, including client-side AES-256-GCM encryption in client.py and local storage of sensitive credentials (mnemonics and keys) using restricted file permissions (0600). The SKILL.md instructions explicitly direct the AI agent to avoid requesting secrets in chat and to prevent logging sensitive environment variables. While the skill interacts with an external API (web-production-5cce7.up.railway.app) and decentralized storage providers, the data transmitted is either encrypted or limited to public wallet addresses for provisioning, which is consistent with the stated purpose.
Capability Assessment
Purpose & Capability
Name/description (sovereign recoverable memory on Jackal) match the included code and SKILL.md. The Python + Node helper implement local AES-256-GCM encryption, BIP39 wallet generation, and uploads/downloads to a Jackal provider pool and/or the runtime API; the three required env vars map to an API key, encryption key, and wallet mnemonic which are all reasonable for this purpose.
Instruction Scope
SKILL.md keeps scope focused on storing/restoring encrypted memory and explicitly forbids pasting secrets into chat. One minor inconsistency: the Node helper expects environment names JACKAL_MNEMONIC and JACKAL_ADDRESS, while SKILL.md and the Python code use JACKAL_MEMORY_WALLET_MNEMONIC; verify the Python client sets these env vars when launching the Node subprocess (truncated Python code prevents full confirmation). Also note the runtime provisioning endpoint (BASE_URL) is on a Railway domain different from the project homepage; this is called out in the README but is worth verifying.
Install Mechanism
No remote downloads or opaque install steps in the skill bundle itself; SKILL.md asks for standard pip/npm installs (cryptography, and npm deps). Package.json and package-lock reference public npm packages. No extracted archives from ad-hoc URLs or URL shorteners were observed.
Credentials
Requested environment variables (API key, encryption key, wallet mnemonic) are proportional to a client that optionally provisions storage (API key) and/or operates under a user wallet (mnemonic) with client-side encryption. Caution: mnemonic and encryption key are high-value secrets — SKILL.md instructs backing them up and not sharing, which is correct. Confirm which exact env var names are required at runtime (see instruction_scope note).
Persistence & Privilege
always:false and no install spec means the skill does not request forced permanent inclusion. The skill writes local files (~/.config/jackal-memory) for keys/manifests with 0600 mode, which is appropriate for its function and does not modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install claw-store-1-3-3 - After installation, invoke the skill by name or use
/claw-store-1-3-3 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.5
Dual setup path: save/load now work with mnemonic+encryption key only (no API key needed for pre-provisioned wallets). API key only required for fresh walletgen and usage commands.
Metadata
Frequently Asked Questions
What is Claw Store 1.3.3?
Sovereign, recoverable memory for AI agents backed by Jackal decentralized storage. It is an AI Agent Skill for Claude Code / OpenClaw, with 240 downloads so far.
How do I install Claw Store 1.3.3?
Run "/install claw-store-1-3-3" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Claw Store 1.3.3 free?
Yes, Claw Store 1.3.3 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Claw Store 1.3.3 support?
Claw Store 1.3.3 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Claw Store 1.3.3?
It is built and maintained by Regan-Milne (@regan-milne); the current version is v1.3.5.
More Skills