← Back to Skills Marketplace

Lily Memory Plugin

Name: Lily Memory Plugin
Author: kevinodell

by kevinodell · GitHub ↗ · v5.2.3

cross-platform ✓ Security Clean

1613

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install lily-memory

Description

Persistent memory plugin for OpenClaw agents. Hybrid SQLite FTS5 keyword + Ollama vector semantic search with auto-capture, auto-recall, stuck-detection, and...

README (SKILL.md)

Lily Memory

Persistent memory plugin for OpenClaw agents. Gives your agent long-term memory that survives session resets, compaction, and restarts.

What It Does

Auto-recall: Injects relevant memories as context before each LLM turn
Auto-capture: Extracts facts from conversations and stores them automatically
Hybrid search: SQLite FTS5 keyword search + Ollama vector cosine similarity
Stuck detection: Detects topic repetition and nudges the agent to break loops
Memory consolidation: Deduplicates entries on startup
Dynamic entities: Config-driven allowlist + runtime tool to add entities
Graceful degradation: Works without Ollama (keyword-only mode)
Minimal dependencies: Uses better-sqlite3 for secure parameterized queries + native fetch

Requirements

Node.js 18+ (for native fetch)
better-sqlite3 npm package (installed via npm install)
Optional: Ollama with nomic-embed-text model for semantic search

Quick Start

Install the plugin to your extensions directory
Add to your openclaw.json:

{
  "plugins": {
    "slots": { "memory": "lily-memory" },
    "entries": {
      "lily-memory": {
        "enabled": true,
        "config": {
          "dbPath": "~/.openclaw/memory/decisions.db",
          "entities": ["config", "system"]
        }
      }
    }
  }
}

Restart the gateway: openclaw gateway restart

Tools

Tool	Description
`memory_search`	FTS5 keyword search across all facts
`memory_entity`	Look up all facts for a specific entity
`memory_store`	Save a fact to persistent memory
`memory_semantic_search`	Vector similarity search via Ollama
`memory_add_entity`	Register a new entity at runtime

Configuration

Option	Type	Default	Description
`dbPath`	string	`~/.openclaw/memory/decisions.db`	SQLite database path
`autoRecall`	boolean	`true`	Inject memories before each turn
`autoCapture`	boolean	`true`	Extract facts from responses
`maxRecallResults`	number	`10`	Max memories per turn
`maxCapturePerTurn`	number	`5`	Max facts per response
`stuckDetection`	boolean	`true`	Topic repetition detection
`vectorSearch`	boolean	`true`	Ollama semantic search
`ollamaUrl`	string	`http://localhost:11434`	Ollama endpoint
`embeddingModel`	string	`nomic-embed-text`	Embedding model
`consolidation`	boolean	`true`	Dedup on startup
`vectorSimilarityThreshold`	number	`0.5`	Min cosine similarity
`entities`	array	`[]`	Additional entity names

Architecture

Recall flow: Extract keywords from message -> FTS5 + vector search -> merge and deduplicate -> inject as context

Capture flow: Regex scan for entity: key = value patterns -> validate entity against allowlist -> store to SQLite -> async embed via Ollama

Stuck detection: Track top 5 content words per response -> Jaccard similarity -> if 3+ consecutive >60% overlap, inject Reflexion nudge

License

MIT

Usage Guidance

This plugin appears to implement what it claims, but review these points before installing: - Privacy: auto-capture defaults to capturing conversation text (capturePolicy: "all"). Sensitive information (passwords, API keys, PII) could be written to the plugin's SQLite DB. Consider switching capturePolicy to "assistant-only" or "tagged-only" or disabling autoCapture until you audit it. - Remote embeddings: the plugin will call the configured ollamaUrl for embeddings. Keep ollamaUrl set to a local trusted host (default is http://localhost:11434). Do NOT point it to an untrusted remote server if you care about memory confidentiality. - File writes & session modifications: the plugin writes to dbPath (default ~/.openclaw/memory/decisions.db) and the changelog notes a session-guard that may back up/reset session files. If you need to limit filesystem scope, set dbPath to a dedicated directory and review session-guard behavior. - Installation notes: better-sqlite3 is a native npm module and may require build tools; run installs and tests in an isolated environment first. - Audit recommendation: if you plan to use this in production, inspect lib/security.js and lib/session-guard.js (they control injection blocking and session file changes), and consider running the included test suite in a sandbox to confirm behaviour. Overall: coherent for its stated purpose, but treat it as privacy-sensitive and configure/inspect accordingly.

Capability Analysis

Type: OpenClaw Skill Name: lily-memory Version: 5.2.3 The OpenClaw AgentSkills skill bundle 'lily-memory' is classified as benign. The code demonstrates a strong focus on security, employing multiple layers of defense against common attack vectors. Key indicators include consistent use of parameterized SQL queries in `lib/sqlite.js` to prevent SQL injection, robust path traversal protection in `lib/sqlite.js::resolveDbPath`, and comprehensive input validation and sanitization in `lib/entities.js` and `lib/extraction.js`. Most notably, `lib/security.js` explicitly implements prompt injection detection using detailed regex patterns for instruction override, credential theft, and destructive commands, logging any blocked attempts. The plugin's functionality, including external API calls to Ollama, is aligned with its stated purpose and includes graceful degradation mechanisms.

Capability Assessment

✓ Purpose & Capability

Name/description match the implementation: Node.js + better-sqlite3 for SQLite FTS5, optional Ollama embedding calls, FTS + vector search, auto-capture and auto-recall, stuck-detection, consolidation and entity management. No unrelated credentials or bizarre binaries are requested.

ℹ Instruction Scope

SKILL.md and index.js align: plugin is installed into extensions, configured in openclaw.json, and registers memory-related tools and lifecycle hooks. However, default behaviour includes auto-capture of conversation text (capturePolicy defaults to "all") and automatic writes to a persistent DB under ~/.openclaw by default. The plugin also contains a session health guard that may modify session files (backups and resets) to enforce context caps — this is within the plugin's stated goals but is a system-level file modification you should be aware of.

✓ Install Mechanism

This is an instruction-and-source bundle (no remote download URL). SKILL.md requires node and better-sqlite3 (an npm native module). No external arbitrary installers, URL downloads, or shorteners are used. Note: better-sqlite3 is a native package and may need build tools on the host.

ℹ Credentials

The skill requests no environment variables or credentials. The only network interactions are optional Ollama embedding calls to the configured ollamaUrl (default localhost:11434). That means if an operator configures ollamaUrl to a remote server, embeddings (and therefore potentially sensitive memory text) will be sent there. Persistent storage is local by default (dbPath) and the plugin can read/write session files — appropriate for a memory plugin but privacy-sensitive.

ℹ Persistence & Privilege

The plugin is not force-included (always:false) and uses normal autonomous invocation. It persists data to user-configurable sqlite DB files and may modify session files (session-guard behavior described in changelog). That behavior is consistent with its purpose but is a privileged filesystem operation: it can alter session state and persist user messages.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install lily-memory
After installation, invoke the skill by name or use /lily-memory
Provide required inputs per the skill's parameter spec and get structured output

Version History

v5.2.3

add install spec to plugin manifest, fix dependency metadata

v5.2.2

rename escapeSqlValue to sanitizeValue, fix README dependency claims

v5.2.1

remove sensitive dev docs from publish bundle

v5.2.0

Fix embeddings.js SQL injection, add prompt injection defense (protected entities, injection detection, security audit log, capture policy config)

v5.1.1

Security fix: replace execSync with better-sqlite3, parameterized queries, path traversal validation

v5.1.0

v5: budget-aware context injection, pressure scaling, entry caps, tool output caps, session guard

v5.0.0

Initial public release: hybrid FTS5 + vector search, auto-capture, auto-recall, stuck-detection, consolidation, zero npm deps

Metadata

Slug lily-memory

Version 5.2.3

License —

All-time Installs 5

Active Installs 5

Total Versions 7

Frequently Asked Questions

What is Lily Memory Plugin?

Persistent memory plugin for OpenClaw agents. Hybrid SQLite FTS5 keyword + Ollama vector semantic search with auto-capture, auto-recall, stuck-detection, and... It is an AI Agent Skill for Claude Code / OpenClaw, with 1613 downloads so far.

How do I install Lily Memory Plugin?

Run "/install lily-memory" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Lily Memory Plugin free?

Yes, Lily Memory Plugin is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Lily Memory Plugin support?

Lily Memory Plugin is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Lily Memory Plugin?

It is built and maintained by kevinodell (@kevinodell); the current version is v5.2.3.

More Skills