← Back to Skills Marketplace
6411
Downloads
9
Stars
34
Active Installs
43
Versions
Install in OpenClaw
/install clawvault
Description
Agent memory system with memory graph, context profiles, checkpoint/recover, structured storage, semantic search, observational memory, task tracking, canvas...
Usage Guidance
Install only if you want persistent agent memory. Review the hook before enabling it, choose the vault path deliberately, avoid storing secrets or unrelated private history in the vault, and leave GEMINI_API_KEY unset unless sending transcript-derived content to Gemini is acceptable for your work.
Capability Analysis
Type: OpenClaw Skill
Name: clawvault
Version: 2.5.13
The OpenClaw AgentSkills bundle for ClawVault is classified as benign. The `SKILL.md` transparently declares its capabilities, including reading/writing files in a vault directory, modifying OpenClaw session transcripts (with backups), and making LLM API calls for 'observe' compression using an optional `GEMINI_API_KEY`. The `hooks/clawvault/handler.js` implements these features by executing the `clawvault` CLI tool using `child_process.execFileSync` with `shell: false`, which is a secure method that prevents shell injection. Furthermore, the handler includes extensive input sanitization for all data passed to CLI commands or injected into agent prompts, demonstrating a strong focus on security. Any prompt injection against the agent is for benign purposes, such as providing context or a memory checklist, and is carefully sanitized.
Capability Assessment
Purpose & Capability
The file, transcript, hook, and optional LLM-compression capabilities fit the stated agent-memory and context-recovery purpose, and they are disclosed in the skill documentation.
Instruction Scope
The hook automatically checkpoints, observes, reflects, and injects context after the user installs and enables it; this is purpose-aligned but affects future sessions without a fresh per-session prompt.
Install Mechanism
Installation relies on global npm packages, including a GitHub qmd dependency and latest-version install examples, so users must trust those external packages as well as the reviewed skill bundle.
Credentials
Access is mostly scoped to the configured vault, OpenClaw session transcripts, and optional Gemini API use for observation compression, which is proportionate for this type of memory tool but may involve sensitive project history.
Persistence & Privilege
Lifecycle hooks and a weekly cron persist after explicit hook enablement; the artifacts do not show hidden persistence, privilege escalation, exfiltration, or destructive behavior.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install clawvault - After installation, invoke the skill by name or use
/clawvault - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.5.13
Schema conformance pass: remove non-spec openclaw metadata keys, add source field, and keep only documented requirement/install/homepage fields for stable registry parsing.
v2.5.12
Metadata normalization: consolidate runtime dependency, installer, and optional env declarations into canonical top-level openclaw metadata and keep metadata.openclaw synchronized.
v2.5.11
Scanner alignment: add explicit top-level requires/install declarations, keep single-line metadata JSON, and simplify metadata payload for stable runtime dependency extraction.
v2.5.10
Parser compatibility fix: convert top-level openclaw field to single-line JSON and keep metadata JSON single-line for strict frontmatter parsers.
v2.5.9
Compatibility publish: add legacy top-level openclaw block and single-line metadata JSON so requirement/install fields are parsed consistently by stricter scanners.
v2.5.8
Metadata schema alignment: keep canonical install/requirement fields under metadata.openclaw and move custom hook descriptors to metadata.clawvault to improve scanner consistency.
v2.5.7
Metadata and transparency polish: corrected display name, retained structured install/env/hook declarations, and shipped minimal auditable bundle (SKILL.md + HOOK.md + handler.js).
v2.5.6
Security hardening follow-up: adds safe install/review workflow and explicit pre-enable hook inspection guidance; keeps structured install/env/hook metadata with included hook source files for auditability.
v2.5.5
Security transparency release: explicit install/env/hook metadata, documented sensitive transcript access, and published hook source files in skill bundle for pre-install review.
v2.5.4
ClawVault v2.5.4
- Major update: streamlines integration as an OpenClaw agent memory module and revises hook system for advanced, event-driven context management.
- OpenClaw hook pack expanded: now responds to additional lifecycle events (`gateway:heartbeat`, `session:start`, `compaction:memoryFlush`), enabling active observation and memory flush on these triggers.
- Updated security and lifecycle documentation—clarifies local-only data storage, no cloud sync, and strict environment variable use.
- Drops previous hook handler files and older hook structure; now requires explicit hook installation/enabling via OpenClaw.
- CLI now mandates `qmd` for core memory graph and query features.
- Simplified and clarified feature documentation; focuses on context-aware retrieval, auto-checkpoint, active observation, and context death handling.
- Removed references to legacy features (Tailscale networking, task/backlog tracking, Obsidian integration) in docs and metadata.
v2.4.6
v2.4.4-v2.4.6: enriched tasks, kanban sync/import, pluggable compression, dynamic prompt injection, config/recover/route commands, 446 tests
v2.4.2
v2.4.2: Fix init flags (--minimal, --categories, --no-bases, --name), existing vault detection, updated SKILL.md for v2.4.x features (canvas templates, neural theme, Obsidian Bases), corrected hook events to match OpenClaw reality
v2.0.4
Fix metadata format: YAML-embedded JSON (multi-line), declares kind=cli, required bins, install spec, env vars, hook events/capabilities/does_not. Addresses all audit warnings.
v2.0.3
Clean skill package: SKILL.md + hooks only. Removed repo artifacts (bin, tests, scripts, changelog). Full metadata audit compliance.
v2.0.2
v2.0: Memory graph, context profiles, compat diagnostics, CLI modularization, full metadata audit compliance
v2.0.1
Fix metadata: declare kind=cli, env vars, hook events/capabilities/does_not. Addresses audit warning about instruction-only vs full CLI mismatch.
v2.0.0
Memory graph index, graph-aware context retrieval, context profiles (default/planning/incident/handoff), OpenClaw compat diagnostics, CLI modularization into 7 command groups, flexible hook event routing, 367+ tests
v1.12.2
Fix: include _meta.json in publish (was missing since v1.12.1, causing registry/SKILL.md inconsistency audit warning)
v1.12.1
Test: exact v1.11.4 content to verify audit determinism
v1.12.0
Security: HOOK.md now declares install spec, requires.bins, env vars, capabilities, network behavior, and does_not list — matching SKILL.md metadata and handler.js exactly. Fixes 'missing required binary declaration and missing install spec' audit finding.
Metadata
Frequently Asked Questions
What is ClawVault?
Agent memory system with memory graph, context profiles, checkpoint/recover, structured storage, semantic search, observational memory, task tracking, canvas... It is an AI Agent Skill for Claude Code / OpenClaw, with 6411 downloads so far.
How do I install ClawVault?
Run "/install clawvault" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ClawVault free?
Yes, ClawVault is completely free (open-source). You can download, install and use it at no cost.
Which platforms does ClawVault support?
ClawVault is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ClawVault?
It is built and maintained by G9Pedro (@g9pedro); the current version is v2.5.13.
More Skills