← 返回 Skills 市场
siddontang

Claw Memory

作者 siddontang · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
371
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install claw-memory
功能描述
Shared memory service for AI agents (OpenClaw, KimiClaw, NanoClaw, etc). Use when user asks to store, retrieve, search, or share memories across agent instan...
使用说明 (SKILL.md)

Claw Memory Sharing Service

API: https://claw-memory.siddontang.workers.dev

Quick Start

When the user wants to set up Claw Memory, output these commands for them to copy-paste:

Step 1: Install the skill

mkdir -p ~/.openclaw/skills/claw-memory && curl -so ~/.openclaw/skills/claw-memory/SKILL.md https://raw.githubusercontent.com/siddontang/claw-memory/main/SKILL.md

Step 2: Create a memory space

curl -s -X POST https://claw-memory.siddontang.workers.dev/api/tokens | jq .

The response includes a claim_url — open it to claim your database as a permanent TiDB Cloud Starter instance (free). Without claiming, it auto-expires in 30 days.

Step 2b (optional): Create with your own encryption key

curl -s -X POST https://claw-memory.siddontang.workers.dev/api/tokens \
  -H "X-Encryption-Key: \x3CYOUR_SECRET_KEY>" | jq .

If you use an encryption key, include -H "X-Encryption-Key: \x3CYOUR_SECRET_KEY>" on ALL subsequent API calls. Without it, the server cannot decrypt your data.

Step 3: Store your first memory

curl -s -X POST https://claw-memory.siddontang.workers.dev/api/memories \
  -H "Authorization: Bearer \x3CTOKEN_FROM_STEP_2>" \
  -H "Content-Type: application/json" \
  -d '{"content": "Hello from my claw!", "source": "openclaw"}'

When the user says "yes" or confirms, run these commands directly.

Claiming Your Instance (Make It Permanent)

By default, each token gets a TiDB Cloud Zero instance that expires in 30 days. Claim it to make it permanent (free).

Option A: New tokensclaim_url is returned in the POST /api/tokens response. Open it to claim.

Option B: Existing tokens — call the claim endpoint:

curl -s -X POST https://claw-memory.siddontang.workers.dev/api/tokens/\x3CTOKEN>/claim | jq .
# Returns: { claim_url: "https://tidbcloud.com/tidbs/claim/..." }

Then open the claim_url in a browser, log in / sign up to TiDB Cloud, and claim the instance. It becomes a permanent Starter instance — free, no expiry.

After claiming: Your token automatically uses the new permanent instance. No config changes needed.

Architecture

  • Each token gets its own TiDB Cloud Zero instance (full data isolation)
  • Connection strings are AES-256-GCM encrypted at rest
  • Optional client-side encryption via X-Encryption-Key header
  • Zero instances expire after 30 days — claim to make permanent

API (all memory endpoints need Authorization: Bearer \x3Ctoken>)

Method Endpoint Body Description
POST /api/tokens Create memory space (returns claim_url)
GET /api/tokens/:token/info Space info + stats + claim_url
POST /api/tokens/:token/claim Get/generate claim URL for existing token
POST /api/memories {content, source?, tags?, key?, metadata?} Store memory
GET /api/memories ?q=&tags=&source=&key=&from=&to=&limit=&offset= Search/list
GET /api/memories/:id Get one
PUT /api/memories/:id {content?, tags?, ...} Update
DELETE /api/memories/:id Delete
POST /api/memories/bulk {memories: [{content, source, tags}...]} Bulk import (max 200)

Common Tasks

Upload existing MEMORY.md

# Read the file, then bulk upload
cat ~/.openclaw/workspace/MEMORY.md | jq -Rs '{memories: [{content: ., source: "openclaw", tags: ["memory"], key: "MEMORY.md"}]}' | \
  curl -s -X POST https://claw-memory.siddontang.workers.dev/api/memories/bulk \
  -H "Authorization: Bearer \x3CTOKEN>" \
  -H "Content-Type: application/json" -d @-

Search memories

curl -s "https://claw-memory.siddontang.workers.dev/api/memories?q=\x3CSEARCH>&limit=10" \
  -H "Authorization: Bearer \x3CTOKEN>" | jq .

Create with client-side encryption

curl -s -X POST https://claw-memory.siddontang.workers.dev/api/tokens \
  -H "X-Encryption-Key: \x3CYOUR_SECRET_KEY>" | jq .
# All subsequent requests must include the same X-Encryption-Key header

Encryption

  • Server key: all connection strings encrypted by default (AES-256-GCM)
  • Client key (optional): X-Encryption-Key header for double encryption — server alone cannot decrypt

Source: https://github.com/siddontang/claw-memory

安全使用建议
This skill appears to do what it says: it creates token-backed memory spaces and uploads/searches memories at https://claw-memory.siddontang.workers.dev. Before installing or running it: 1) Inspect the SKILL.md you download (the Quick Start writes a remote SKILL.md into ~/.openclaw/skills). 2) Be aware that uploading/importing (e.g., the MEMORY.md example) will send local file contents to a third-party service — do not upload secrets or sensitive data unless you trust the operator. 3) If you need confidentiality, use the X-Encryption-Key option and keep that key private; without it the service can decrypt your stored data. 4) Verify the GitHub repo and the operator (siddontang) independently if you plan to rely on this long-term. 5) Because the agent can invoke skills autonomously by default, consider requiring explicit user confirmation before allowing commands that read and transmit local files.
功能分析
Type: OpenClaw Skill Name: claw-memory Version: 1.0.0 The skill is classified as suspicious due to two primary reasons. First, the `SKILL.md` file instructs the agent to download and overwrite itself from a remote GitHub URL (`https://raw.githubusercontent.com/siddontang/claw-memory/main/SKILL.md`), introducing a significant supply chain vulnerability that could lead to arbitrary code execution if the GitHub repository is compromised. Second, the skill explicitly reads the content of a local file (`~/.openclaw/workspace/MEMORY.md`) and sends it to an external third-party service (`https://claw-memory.siddontang.workers.dev`). While this aligns with the stated purpose of importing memory, it represents a high data exposure risk if the `MEMORY.md` file contains sensitive user information.
能力评估
Purpose & Capability
The name/description (shared memory for agents) aligns with the actions described in SKILL.md: creating tokens, storing/searching memories, and bulk-importing local MEMORY.md. Required capabilities and files referenced are proportional to the described purpose.
Instruction Scope
Runtime instructions tell the agent/user to run curl commands that create tokens and upload memory data. They also include a bulk-upload example that reads a local file (~/.openclaw/workspace/MEMORY.md) and sends it to https://claw-memory.siddontang.workers.dev. This is expected for an import/store feature but is a privacy-sensitive action: local content will be transmitted to a third-party service unless you use the optional X-Encryption-Key. The SKILL.md also instructs saving the SKILL.md from GitHub into the skills folder (an installation step).
Install Mechanism
Instruction-only skill (no install spec). The Quick Start suggests curl’ing SKILL.md from raw.githubusercontent.com into ~/.openclaw/skills — a straightforward remote fetch. API endpoints are on a Cloudflare Workers domain. No binary downloads or archive extraction are requested.
Credentials
No environment variables or unrelated credentials are required by the skill. The only secrets involved are tokens returned by the service and an optional X-Encryption-Key for client-side encryption; both are relevant to the stated purpose.
Persistence & Privilege
The skill does not request always:true and does not declare system-wide config modification. The suggested install writes a skill file into the user's ~/.openclaw/skills directory (expected for a skill). Autonomous invocation is allowed by platform default (disable-model-invocation: false).
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install claw-memory
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /claw-memory 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Shared memory service for AI agents. TiDB Cloud Zero backend with claim-to-Starter flow.
元数据
Slug claw-memory
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Claw Memory 是什么?

Shared memory service for AI agents (OpenClaw, KimiClaw, NanoClaw, etc). Use when user asks to store, retrieve, search, or share memories across agent instan... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 371 次。

如何安装 Claw Memory?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install claw-memory」即可一键安装,无需额外配置。

Claw Memory 是免费的吗?

是的,Claw Memory 完全免费(开源免费),可自由下载、安装和使用。

Claw Memory 支持哪些平台?

Claw Memory 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Claw Memory?

由 siddontang(@siddontang)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论