← Back to Skills Marketplace
thebobloblaw

Rune - Self-Improving AI Memory

by Cory Freeman · GitHub ↗ · v1.1.5
cross-platform ⚠ suspicious
608
Downloads
0
Stars
1
Active Installs
8
Versions
Install in OpenClaw
/install rune
Description
Self-improving AI memory system with intelligent context injection and adaptive learning
Usage Guidance
This package appears to be a real, local-first AI memory CLI that modifies your home directory, installs a global 'rune' binary, and wires session hooks and workflow scripts into ~/.openclaw. Those behaviors are coherent for a persistent memory tool, but you should not install it blindly. Recommended steps before installing: 1) Inspect package.json and install.sh locally (use ./install.sh --dry-run or --verify modes provided). 2) Review the code for any network calls or telemetry (search for fetch, http, axios, or hard-coded URLs). 3) Verify you're comfortable with it creating/modifying ~/.openclaw and HEARTBEAT.md and installing a global CLI (it will replace an existing 'rune' or 'brokkr-mem' if present). 4) Run the installer in a sandbox/container or VM first if possible. 5) Avoid exporting cloud API keys unless you need cloud extraction; default local operation is possible. 6) Because the static scan flagged a 'system-prompt-override' pattern in SKILL.md, review the README/SKILL.md for any instructions that try to override agent/system prompts or give the skill broad, ambiguous authority. If you lack time or trust for a manual audit, treat this as untrusted software and don't install it on critical systems.
Capability Analysis
Type: OpenClaw Skill Name: rune Version: 1.1.5 The OpenClaw Rune skill bundle is classified as benign. While a critical shell injection vulnerability (CVE-2026-0001) was present in previous versions, the provided files clearly document its fix and implement robust input sanitization in `rune-session-handler.sh` and `setup-workflow.sh`. The installation script (`install.sh`) and workflow setup (`setup-workflow.sh`) perform expected integration tasks, such as creating `~/.openclaw` directories, installing a global CLI, and modifying `~/.openclaw/workspace/HEARTBEAT.md` to add maintenance commands for the memory system. Markdown instructions (`SKILL.md`, `README.md`, `INTEGRATION-GUIDE.md`) guide the AI agent's behavior in using the memory system, not to subvert its core directives or exfiltrate data. Core application logic (`src/*.js`) uses parameterized SQL queries and handles LLM API keys securely via environment variables. There is no evidence of intentional harmful behavior, data exfiltration, backdoors, or obfuscation. A minor privacy concern is the logging of context recall events to `/tmp/rune-usage.log` without explicit user consent, but this is not a security vulnerability or malicious act.
Capability Assessment
Purpose & Capability
The skill's declared purpose (self-improving AI memory) aligns with the included code, installer, and session hooks: it installs a CLI, creates ~/.openclaw/memory.db, and wires heartbeat/session hooks. However the registry metadata originally claimed 'instruction-only / no install spec' while the package clearly contains install.sh, setup-workflow.sh and many source files — a mismatch the changelog even calls out. That metadata inconsistency is unexpected and worth noting.
Instruction Scope
SKILL.md and the included scripts instruct the agent/user to run an installer that creates files in the user's home (~/.openclaw), appends to HEARTBEAT.md, installs a global npm CLI, and add mandatory workflow scripts/crons. Those actions are coherent with a memory CLI but are invasive (write/modify user files, add scheduled jobs, replace an existing 'rune'/'brokkr-mem' binary). The package also encourages 'forcing functions' (mandatory usage), which is aggressive but within the product goal. The pre-scan flagged a 'system-prompt-override' pattern in SKILL.md; while SKILL.md itself appears to be installation and workflow guidance, that finding could indicate prompt-manipulative text — treat it as suspicious (see scan_findings_in_context).
Install Mechanism
Installation is via included install.sh which runs 'npm install --production' and 'npm install -g .', creates the ~/.openclaw tree, initializes an SQLite DB, and writes workflow scripts into the user's home. This is a moderate-risk install mechanism (npm packages + executing an install script) but uses standard sources (npm) rather than arbitrary external downloads. The installer makes backups before modifying HEARTBEAT.md. Because the installer executes code as part of npm install and writes global binaries and cron suggestions, review package.json and install.sh before running, and prefer dry-run/verify modes provided.
Credentials
The skill declares no required environment variables or credentials. Cloud API keys (Anthropic/OpenAI) are only optional and explicitly documented for optional cloud features; local-first (Ollama) is the default. No unrelated credentials or surprising secrets are requested. This is proportional to the stated optional cloud-enhanced features.
Persistence & Privilege
The skill does persist to disk (creates ~/.openclaw, memory DB) and installs a global CLI — expected for this purpose. always:false (not force-included). It registers session hooks in skill.json that call ./rune-session-handler.sh start/end; the handler sanitizes input, which mitigates common shell-injection risks. The package's design intentionally enforces workflow integration (forcing functions) which increases its behavioral footprint; consider this social/operational persistence when deciding to install.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install rune
  3. After installation, invoke the skill by name or use /rune
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.5
FINAL: Metadata integrity fix & proper display name 🎯 REGISTRY METADATA RESOLVED: ✅ Fixed 'instruction-only' vs installable inconsistency ✅ Proper display name: 'Rune - Self-Improving AI Memory' ✅ Clear installation specifications in registry metadata ✅ Accurate reflection of install.sh and workflow components 🔧 WHAT THIS FIXES: • Registry now correctly shows this as installable skill • Display name shows 'Rune' instead of generic 'Skill' • Installation metadata properly synchronized • Clear documentation of system-level integration requirements ⚠️ IMPORTANT: This is an INSTALLABLE skill with system integration • Modifies ~/.openclaw/workspace/HEARTBEAT.md • Creates workflow automation scripts • Includes session hooks for automatic memory usage • Intrusive by design to prevent memory system non-usage 📋 FINAL PRODUCTION-READY RELEASE Complete memory system with workflow integration, security fixes, and accurate metadata. Ready for users who want systematic memory usage.
v1.1.3
🚨 CRITICAL SECURITY FIX: RCE vulnerability in context-inject.sh VULNERABILITY: Shell injection in workflow integration scripts - Unsanitized $TOPIC parameter vulnerable to command injection - Attack example: '; rm -rf / #' could execute malicious commands RESOLUTION: ✅ Added input sanitization to context-inject.sh ✅ Same security pattern as rune-session-handler.sh ✅ Prevents shell metacharacter injection attacks ✅ Fixed both local and package-generated scripts IMPACT: Closes RCE vulnerability in workflow automation CREDIT: Third-party security analysis identified this issue URGENT: Update recommended for all users of workflow integration
v1.1.2
SECURITY FIX: Session hook argument mismatch ClawHub security scan identified critical issue: - skill.json sessionHooks used onStart/onEnd - rune-session-handler.sh expected start/end - Mismatch could cause unexpected behavior FIXED: Updated sessionHooks to use correct arguments - Prevents potential session hook failures - Ensures proper automated invocation - Thanks to ClawHub security scanning for catching this!
v1.1.1
## Rune 1.1.1 - Introduces a new CLI (`rune`) replacing the previous `brokkr-mem`, with streamlined commands and documentation updates. - Adds essential documentation: README.md, INTEGRATION-GUIDE.md, COMMON-MISTAKES.md, SECURITY.md, and a new CHANGELOG.md. - Expands source with new modules supporting advanced memory features, proactive notifications, self-improvement analysis, and workflow integration tools. - Updates installation, integration examples, and command references for clarity and consistency with new CLI. - Improved skill metadata, session handler, and shell integration for better security and usability.
v1.0.3
Documentation fixes based on ClawHub security review feedback
v1.0.2
- Added secure session handler script (rune-session-handler.sh) for safe session integration - Introduced _meta.json for enhanced internal metadata management - Updated documentation to include security best practices and guidance on safe input handling - SKILL.md now provides explicit instructions and code examples for input sanitization in session hooks - Improved OpenClaw integration details with emphasis on secure operation
v1.0.1
🔒 SECURITY UPDATE: Fixed credentials storage vulnerability, added privacy warnings, transparent cloud API declarations, local-first design. Now fully compliant with ClawHub security standards.
v1.0.0
🧠 Revolutionary self-improving memory system for OpenClaw assistants! Features: • Learns and adapts from every interaction • 80% token savings with intelligent context injection • Perfect recall with dynamic relevance scoring • Pattern detection prevents repeated mistakes • Autonomous project management and task recommendations • Temporal queries ('what did we work on yesterday?') • Memory consolidation and smart forgetting curves Production-tested with 140+ facts - gets smarter every day!
Metadata
Slug rune
Version 1.1.5
License
All-time Installs 1
Active Installs 1
Total Versions 8
Frequently Asked Questions

What is Rune - Self-Improving AI Memory?

Self-improving AI memory system with intelligent context injection and adaptive learning. It is an AI Agent Skill for Claude Code / OpenClaw, with 608 downloads so far.

How do I install Rune - Self-Improving AI Memory?

Run "/install rune" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Rune - Self-Improving AI Memory free?

Yes, Rune - Self-Improving AI Memory is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Rune - Self-Improving AI Memory support?

Rune - Self-Improving AI Memory is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Rune - Self-Improving AI Memory?

It is built and maintained by Cory Freeman (@thebobloblaw); the current version is v1.1.5.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments