← 返回 Skills 市场
sdvegas21

ClawSeal

作者 Shawn Cohen · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
71
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install clawseal
功能描述
Cryptographic memory for AI agents with QSEAL tamper-evidence. Zero-config demo mode, scroll-native YAML storage.
使用说明 (SKILL.md)

ClawSeal: Cryptographic Memory for OpenClaw Agents

What This Skill Does

ClawSeal adds persistent, tamper-evident memory to OpenClaw agents:

  • Remember user preferences — Scrolls signed with QSEAL (HMAC-SHA256)
  • Recall with verification — Every memory cryptographically verified on retrieval
  • Detect tampering — Any modification breaks signature immediately
  • Zero database dependencies — Pure YAML files, Git-friendly
  • Auto-demo mode — Works immediately without setup (persistent secret at ~/.clawseal/demo_secret)

When to Use This Skill

Use ClawSeal whenever you need to:

  • Remember user preferences across conversations
  • Store facts/insights that should persist
  • Verify memory integrity (compliance/audit scenarios)
  • Track user relationship evolution

Available Tools

clawseal_remember

Store a memory with QSEAL signature.

Usage:

curl -X POST http://localhost:5002/remember \
  -H "Content-Type: application/json" \
  -d '{
    "content": "User prefers concise technical explanations",
    "memory_type": "preference",
    "user_id": "openclaw_user"
  }'

Returns:

{
  "success": true,
  "memory_id": "MEM_20260415_abc123",
  "qseal_signature": "OXIaQboYCy5csPif7LWGz4scHZAB0YKpAPwVuXjCXLc=",
  "qseal_mode": "demo_ephemeral",
  "qseal_production": false
}

clawseal_recall

Retrieve memories matching a query, with QSEAL verification.

Usage:

curl -X POST http://localhost:5002/recall \
  -H "Content-Type: application/json" \
  -d '{
    "query": "user preferences",
    "user_id": "openclaw_user",
    "limit": 5
  }'

Returns:

{
  "success": true,
  "count": 2,
  "memories": [
    {
      "scroll_id": "MEM_20260415_abc123",
      "content": "User prefers concise technical explanations",
      "memory_type": "preference",
      "qseal_verified": true,
      "qseal_mode": "demo_ephemeral"
    }
  ]
}

clawseal_verify_memory

Explicitly verify a specific memory's QSEAL signature.

Usage:

curl -X POST http://localhost:5002/verify \
  -H "Content-Type: application/json" \
  -d '{
    "memory_id": "MEM_20260415_abc123",
    "user_id": "openclaw_user"
  }'

Returns:

{
  "valid": true,
  "memory_id": "MEM_20260415_abc123",
  "signature_verified": true,
  "content_intact": true,
  "qseal_mode": "demo_ephemeral"
}

Example Conversation Flow

User: "Remember that I prefer detailed technical explanations with code examples"

Agent: "I'll store that preference in ClawSeal."

Agent calls clawseal_remember:

curl -X POST http://localhost:5002/remember \
  -d '{"content": "User prefers detailed technical explanations with code examples", "memory_type": "preference", "user_id": "openclaw_user"}'

Agent: "Stored! Memory ID: MEM_20260415_abc123 (QSEAL verified)"

User (new session): "What do you know about my preferences?"

Agent: "Let me recall your preferences from ClawSeal."

Agent calls clawseal_recall:

curl -X POST http://localhost:5002/recall \
  -d '{"query": "preferences", "user_id": "openclaw_user", "limit": 5}'

Agent: "I found 1 verified memory: You prefer detailed technical explanations with code examples. (QSEAL signature verified ✅)"

Installation

Automatic (via OpenClaw):

openclaw plugins install clawseal

Manual:

# Install Python package
pip install clawseal

# Verify installation
clawseal verify

# Start server (auto-starts on port 5002)
python3 -m clawseal_openclaw.server

Production Setup

Demo mode (default): Uses persistent secret at ~/.clawseal/demo_secret

  • ✅ Works immediately
  • ⚠️ Not production-ready (ephemeral secret)

Production mode: Set QSEAL_SECRET environment variable

# Generate production secret
clawseal init

# Restart server (will detect QSEAL_SECRET)
python3 -m clawseal_openclaw.server

Memory Types

  • preference 🎯 — User preferences
  • fact 📌 — Factual information
  • insight ✨ — Insights/observations
  • decision ⚖️ — Decision records
  • general 📝 — General notes

Security Notes

  • QSEAL signatures — HMAC-SHA256, tamper-evident
  • Demo mode — Persistent local secret (chmod 600), marked in artifacts
  • Production mode — User-managed QSEAL_SECRET (rotate regularly)
  • Tampering detection — Any modification breaks signature immediately. This memory has been permanently rejected. All other memories remain verified and intact. Your agent's integrity is protected.
安全使用建议
This package appears to do what it says: a local, tamper-evident memory service. Before installing: 1) Review the upstream 'clawseal' PyPI package/source (pip install runs package code); 2) understand demo mode creates a persistent secret at ~/.clawseal/demo_secret — protect or delete it if you don't want a local long-lived secret; 3) the installer registers a per-user autostart service (launchd/systemd user) — remove the unit to uninstall persistence; 4) run the server bound to localhost by default, but check service args if you change them to avoid exposing it network-wide; 5) for production, set and protect QSEAL_SECRET (use a secrets manager), rotate regularly, and audit the scrolls directory. If you are cautious, test inside a isolated environment/container and inspect the installed 'clawseal' package source before granting it long-lived presence.
功能分析
Type: OpenClaw Skill Name: clawseal Version: 1.0.3 The ClawSeal skill provides a persistent cryptographic memory system for agents, but its installation process involves high-risk behaviors. Specifically, the 'install.sh' script automatically registers background services using launchd (macOS) and systemd (Linux) to ensure the Flask server ('backend/clawseal_server.py') runs on boot and restarts on failure. While this persistence is documented and supports the stated purpose of 'persistent memory,' the automated creation of system-level daemons and the installation of external Python packages from PyPI are significant security risks that require careful vetting.
能力标签
crypto
能力评估
Purpose & Capability
Name/description (tamper-evident local memory) matches what is present: a Python package dependency (clawseal), a small Flask HTTP bridge, curl-based usage examples, and an installer that sets up a local service. Required binaries (python3, curl) and written files (YAML scrolls) are exactly what you'd expect for this functionality.
Instruction Scope
SKILL.md and examples only direct local HTTP calls (localhost:5002), creating and verifying signed YAML memory files and using a local demo secret (~/.clawseal/demo_secret). They do instruct installing a Python package and registering an auto-start user service; they do not instruct reading unrelated system files or exfiltrating data. Note: demo mode uses a persistent file secret in the user's home directory — this is a design decision that carries a local-secret-protection risk.
Install Mechanism
install.sh uses pip to install the clawseal package and installs Flask deps via requirements.txt, then writes a per-user systemd or launchd unit and starts the service. This is a standard but moderately privileged install flow (runs package setup code and registers an auto-start service). No downloads from arbitrary IPs or URL-shorteners; package source is PyPI (pip) and files are created under the user's home/repo directory.
Credentials
The bundle requires no global credentials by default. Production mode optionally uses a QSEAL_SECRET environment variable (explicitly documented) which is appropriate and proportionate for HMAC signing. The demo secret file is created locally; users should understand that anyone with access to that file can forge signatures.
Persistence & Privilege
The installer registers a per-user auto-start service (launchd or systemd user) so the server persists and restarts on failure. This persistence is consistent with a local memory service, but users should be aware it will run on login/boot under their account and create/own scroll files and logs.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install clawseal
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /clawseal 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
Initial ClawSeal release — cryptographic memory for OpenClaw agents with QSEAL tamper-evidence
元数据
Slug clawseal
版本 1.0.3
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

ClawSeal 是什么?

Cryptographic memory for AI agents with QSEAL tamper-evidence. Zero-config demo mode, scroll-native YAML storage. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 71 次。

如何安装 ClawSeal?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install clawseal」即可一键安装,无需额外配置。

ClawSeal 是免费的吗?

是的,ClawSeal 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

ClawSeal 支持哪些平台?

ClawSeal 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 ClawSeal?

由 Shawn Cohen(@sdvegas21)开发并维护,当前版本 v1.0.3。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论