← Back to Skills Marketplace
Openclaw Deeprecall
by
Hallllllll
· GitHub ↗
· v0.1.2
· MIT-0
379
Downloads
0
Stars
3
Active Installs
3
Versions
Install in OpenClaw
/install openclaw-deeprecall
Description
Provides persistent two-tier memory with semantic fact search and raw content retrieval, plus automatic cleanup of temporary session files.
Usage Guidance
This skill appears to implement a legitimate two-tier memory and summarization system, but there are notable privacy and configuration mismatches you should consider before installing:
- Credential access: The summarizer reads OpenClaw configuration files (e.g., ~/.openclaw/openclaw.json, /etc/openclaw/openclaw.json, workspace/openclaw.json) to obtain LLM provider baseUrl and apiKey. Even though the manifest does not declare required credentials, the code will try to read and use those API keys. If those files contain secrets you don't want shared with this skill, do not install or run it until you review or remove those keys.
- Permanent storage: By default the tool stores raw session content in the L2 archive (memory.db) and the SKILL explicitly states those records are permanent and never deleted. If you have sensitive data in session .md files, disable raw storing (use --no-store-raw where possible), or ensure the DB is stored in an isolated location you control, or encrypt/remove L2 storage.
- Cross-workspace access: Path detection searches parent directories and 'agents' structures and may find configs or memory directories belonging to other agents. Run this skill in an isolated workspace (or set OPENCLAW_WORKSPACE to a dedicated directory) and test with dry-run options first.
- Test safely first: Use summarize --test-config and cleanup --dry-run to observe behavior. Consider setting deeprecall.summarizer.preferred_provider to a local/test provider or null to trigger rule-based extraction, and use --no-store-raw while testing.
- Desired changes: Prefer that the skill explicitly declare it requires OpenClaw provider credentials (or require OPENCLAW_API_KEY env), and provide an option to disable L2 archiving permanently. If you cannot confirm those changes, treat installation as potentially exposing local OpenClaw credentials and persistent raw data.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-deeprecall
Version: 0.1.2
The DeepRecall skill bundle provides a legitimate two-tier memory retrieval system for AI agents, using SQLite for structured storage and local Markdown files for raw logs. The code follows its stated purpose, utilizing parameterized SQL queries in `memory_retriever.py` to prevent injection and implementing a controlled file cleanup mechanism restricted to `.md` files within the agent's workspace. While `memory_summarizer.py` performs outbound network requests to LLM providers, it correctly retrieves API credentials from the user's existing OpenClaw configuration and limits data transmission to the content of memory files for summarization purposes.
Capability Assessment
Purpose & Capability
Functionality (L1/L2 memory, summarization, cleanup) matches the name and description. However, the skill's metadata declares no required credentials while the summarizer explicitly requires an LLM API provider (baseUrl + apiKey) from OpenClaw configuration files; that credential requirement is documented in SKILL.md but not reflected in declared requirements, causing a mismatch.
Instruction Scope
SKILL.md instructs auto-registering tools and zero-config behavior which is consistent with the purpose. But the runtime code searches for OpenClaw config files in multiple locations (including /etc and parent directories) and will read those files to obtain API keys. The instructions and code therefore grant the skill access to local/system configuration and potentially other agents' workspaces, which is broader than a simple 'memory retrieval' operation and may expose unrelated secrets.
Install Mechanism
No network downloads or package installs are performed by an install spec (instruction-only install). The bundle includes Python scripts and a requirements.txt (aiohttp) but no installer that pulls remote artifacts; this is low-risk from an installation/execution provenance perspective.
Credentials
The manifest declares no required environment variables or primary credential, yet the code reads OPENCLAW_WORKSPACE and scans for openclaw.json files to retrieve provider baseUrl and apiKey. That means local/system stored API keys (in ~/.openclaw, /etc/openclaw/, workspace parent, etc.) may be read and used — a credential access pattern not reflected in the skill metadata. Also the DB permanently stores raw content (L2) by default, which increases the sensitivity of stored data.
Persistence & Privilege
The skill creates and writes a persistent memory.db (auto-created in discovered memory/ locations) and documents that L1/L2 records are permanent and never deleted. While always:false and no elevated platform flags are present, the permanent storage of raw content (and auto-registration/zero-config behavior) increases long-term data exposure and cross-agent leakage risk, especially because the code auto-detects parent/agents directories.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-deeprecall - After installation, invoke the skill by name or use
/openclaw-deeprecall - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.2
- Added CONFIG_GUIDE.md with detailed configuration instructions.
- Introduced requirements.txt for explicit Python dependencies.
- Updated SKILL.md to reference CONFIG_GUIDE.md and clarify config options; config.example.json is now explicitly JSON-compliant and comment-free.
- Various documentation improvements for clarity and maintainability.
- No changes to skill core logic or APIs.
v0.1.1
- Added LLM-powered memory summarization capability via the new `summarize_memory_files` tool and CLI command, using a configurable model provider.
- Introduced configuration file support (`config.example.json`) for customizing summarization settings, model selection, and automated scheduling.
- Updated documentation and manifest to include the new summarization tool, usage instructions, and advanced configuration options.
- Enhanced CLI (`memory_db_tool.py`) with summarize commands and test utilities.
- Included a new script `scripts/memory_summarizer.py` for automatic or manual extraction of structured facts from raw memory files.
v0.1.0
- Initial release of DeepRecall, a persistent two-tier memory system for AI agents.
- Provides semantic search over structured L1 facts and retrieval of exact L2 raw content.
- Automatic tool registration and retrieval protocol for prior work, decisions, and related queries.
- Zero-configuration, self-bootstrapping setup with per-agent database and automatic file management.
- Includes CLI tools for searching facts, reading archives, database stats, and safe cleanup of temporary raw files.
Metadata
Frequently Asked Questions
What is Openclaw Deeprecall?
Provides persistent two-tier memory with semantic fact search and raw content retrieval, plus automatic cleanup of temporary session files. It is an AI Agent Skill for Claude Code / OpenClaw, with 379 downloads so far.
How do I install Openclaw Deeprecall?
Run "/install openclaw-deeprecall" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Openclaw Deeprecall free?
Yes, Openclaw Deeprecall is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Openclaw Deeprecall support?
Openclaw Deeprecall is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Openclaw Deeprecall?
It is built and maintained by Hallllllll (@hallllllll); the current version is v0.1.2.
More Skills