← Back to Skills Marketplace
ClawSeal
by
Shawn Cohen
· GitHub ↗
· v1.0.3
· MIT-0
71
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install clawseal
Description
Cryptographic memory for AI agents with QSEAL tamper-evidence. Zero-config demo mode, scroll-native YAML storage.
README (SKILL.md)
ClawSeal: Cryptographic Memory for OpenClaw Agents
What This Skill Does
ClawSeal adds persistent, tamper-evident memory to OpenClaw agents:
- Remember user preferences — Scrolls signed with QSEAL (HMAC-SHA256)
- Recall with verification — Every memory cryptographically verified on retrieval
- Detect tampering — Any modification breaks signature immediately
- Zero database dependencies — Pure YAML files, Git-friendly
- Auto-demo mode — Works immediately without setup (persistent secret at
~/.clawseal/demo_secret)
When to Use This Skill
Use ClawSeal whenever you need to:
- Remember user preferences across conversations
- Store facts/insights that should persist
- Verify memory integrity (compliance/audit scenarios)
- Track user relationship evolution
Available Tools
clawseal_remember
Store a memory with QSEAL signature.
Usage:
curl -X POST http://localhost:5002/remember \
-H "Content-Type: application/json" \
-d '{
"content": "User prefers concise technical explanations",
"memory_type": "preference",
"user_id": "openclaw_user"
}'
Returns:
{
"success": true,
"memory_id": "MEM_20260415_abc123",
"qseal_signature": "OXIaQboYCy5csPif7LWGz4scHZAB0YKpAPwVuXjCXLc=",
"qseal_mode": "demo_ephemeral",
"qseal_production": false
}
clawseal_recall
Retrieve memories matching a query, with QSEAL verification.
Usage:
curl -X POST http://localhost:5002/recall \
-H "Content-Type: application/json" \
-d '{
"query": "user preferences",
"user_id": "openclaw_user",
"limit": 5
}'
Returns:
{
"success": true,
"count": 2,
"memories": [
{
"scroll_id": "MEM_20260415_abc123",
"content": "User prefers concise technical explanations",
"memory_type": "preference",
"qseal_verified": true,
"qseal_mode": "demo_ephemeral"
}
]
}
clawseal_verify_memory
Explicitly verify a specific memory's QSEAL signature.
Usage:
curl -X POST http://localhost:5002/verify \
-H "Content-Type: application/json" \
-d '{
"memory_id": "MEM_20260415_abc123",
"user_id": "openclaw_user"
}'
Returns:
{
"valid": true,
"memory_id": "MEM_20260415_abc123",
"signature_verified": true,
"content_intact": true,
"qseal_mode": "demo_ephemeral"
}
Example Conversation Flow
User: "Remember that I prefer detailed technical explanations with code examples"
Agent: "I'll store that preference in ClawSeal."
Agent calls clawseal_remember:
curl -X POST http://localhost:5002/remember \
-d '{"content": "User prefers detailed technical explanations with code examples", "memory_type": "preference", "user_id": "openclaw_user"}'
Agent: "Stored! Memory ID: MEM_20260415_abc123 (QSEAL verified)"
User (new session): "What do you know about my preferences?"
Agent: "Let me recall your preferences from ClawSeal."
Agent calls clawseal_recall:
curl -X POST http://localhost:5002/recall \
-d '{"query": "preferences", "user_id": "openclaw_user", "limit": 5}'
Agent: "I found 1 verified memory: You prefer detailed technical explanations with code examples. (QSEAL signature verified ✅)"
Installation
Automatic (via OpenClaw):
openclaw plugins install clawseal
Manual:
# Install Python package
pip install clawseal
# Verify installation
clawseal verify
# Start server (auto-starts on port 5002)
python3 -m clawseal_openclaw.server
Production Setup
Demo mode (default): Uses persistent secret at ~/.clawseal/demo_secret
- ✅ Works immediately
- ⚠️ Not production-ready (ephemeral secret)
Production mode: Set QSEAL_SECRET environment variable
# Generate production secret
clawseal init
# Restart server (will detect QSEAL_SECRET)
python3 -m clawseal_openclaw.server
Memory Types
preference🎯 — User preferencesfact📌 — Factual informationinsight✨ — Insights/observationsdecision⚖️ — Decision recordsgeneral📝 — General notes
Security Notes
- QSEAL signatures — HMAC-SHA256, tamper-evident
- Demo mode — Persistent local secret (chmod 600), marked in artifacts
- Production mode — User-managed QSEAL_SECRET (rotate regularly)
- Tampering detection — Any modification breaks signature immediately. This memory has been permanently rejected. All other memories remain verified and intact. Your agent's integrity is protected.
Usage Guidance
This package appears to do what it says: a local, tamper-evident memory service. Before installing: 1) Review the upstream 'clawseal' PyPI package/source (pip install runs package code); 2) understand demo mode creates a persistent secret at ~/.clawseal/demo_secret — protect or delete it if you don't want a local long-lived secret; 3) the installer registers a per-user autostart service (launchd/systemd user) — remove the unit to uninstall persistence; 4) run the server bound to localhost by default, but check service args if you change them to avoid exposing it network-wide; 5) for production, set and protect QSEAL_SECRET (use a secrets manager), rotate regularly, and audit the scrolls directory. If you are cautious, test inside a isolated environment/container and inspect the installed 'clawseal' package source before granting it long-lived presence.
Capability Analysis
Type: OpenClaw Skill
Name: clawseal
Version: 1.0.3
The ClawSeal skill provides a persistent cryptographic memory system for agents, but its installation process involves high-risk behaviors. Specifically, the 'install.sh' script automatically registers background services using launchd (macOS) and systemd (Linux) to ensure the Flask server ('backend/clawseal_server.py') runs on boot and restarts on failure. While this persistence is documented and supports the stated purpose of 'persistent memory,' the automated creation of system-level daemons and the installation of external Python packages from PyPI are significant security risks that require careful vetting.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description (tamper-evident local memory) matches what is present: a Python package dependency (clawseal), a small Flask HTTP bridge, curl-based usage examples, and an installer that sets up a local service. Required binaries (python3, curl) and written files (YAML scrolls) are exactly what you'd expect for this functionality.
Instruction Scope
SKILL.md and examples only direct local HTTP calls (localhost:5002), creating and verifying signed YAML memory files and using a local demo secret (~/.clawseal/demo_secret). They do instruct installing a Python package and registering an auto-start user service; they do not instruct reading unrelated system files or exfiltrating data. Note: demo mode uses a persistent file secret in the user's home directory — this is a design decision that carries a local-secret-protection risk.
Install Mechanism
install.sh uses pip to install the clawseal package and installs Flask deps via requirements.txt, then writes a per-user systemd or launchd unit and starts the service. This is a standard but moderately privileged install flow (runs package setup code and registers an auto-start service). No downloads from arbitrary IPs or URL-shorteners; package source is PyPI (pip) and files are created under the user's home/repo directory.
Credentials
The bundle requires no global credentials by default. Production mode optionally uses a QSEAL_SECRET environment variable (explicitly documented) which is appropriate and proportionate for HMAC signing. The demo secret file is created locally; users should understand that anyone with access to that file can forge signatures.
Persistence & Privilege
The installer registers a per-user auto-start service (launchd or systemd user) so the server persists and restarts on failure. This persistence is consistent with a local memory service, but users should be aware it will run on login/boot under their account and create/own scroll files and logs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawseal - After installation, invoke the skill by name or use
/clawseal - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
Initial ClawSeal release — cryptographic memory for OpenClaw agents with QSEAL tamper-evidence
Metadata
Frequently Asked Questions
What is ClawSeal?
Cryptographic memory for AI agents with QSEAL tamper-evidence. Zero-config demo mode, scroll-native YAML storage. It is an AI Agent Skill for Claude Code / OpenClaw, with 71 downloads so far.
How do I install ClawSeal?
Run "/install clawseal" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ClawSeal free?
Yes, ClawSeal is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does ClawSeal support?
ClawSeal is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ClawSeal?
It is built and maintained by Shawn Cohen (@sdvegas21); the current version is v1.0.3.
More Skills