← 返回 Skills 市场
bustes01

💾 Complex Memory Manager

作者 shake27 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
77
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install complex-memory-manager
功能描述
Privacy-aware structured memory management for AI agents. Three-tier memory model (Public / Internal-encrypted / Private-not-stored), with XOR+Base64 encrypt...
使用说明 (SKILL.md)

💾 Complex Memory Manager

Privacy-aware structured memory management for AI agents. Provides a three-tier memory model (Public / Internal-encrypted / Private-not-stored) with XOR+Base64 encryption, auto-cleanup, and generalization rules.

This is a shared component skill — other skills reference it for cross-session persistent memory. When updating, ensure backward compatibility with all dependent skills.

Tiered Memory Model

Tier Content Visibility Encryption Storage
Public (T1) Skill usage stats, common patterns, generic workflows Visible to anyone None memory/tier1-public/
Internal (T2) Specific preferences, learned behaviors Agent-visible only XOR + Base64 memory/tier2-internal/
Private (T3) API keys, credentials, PII Not stored by this skill Not applicable Env vars / secret managers only

T1: Public Memory

Store in memory/tier1-public/ or directly in daily notes.

Allowed content:

  • Aggregated skill usage statistics (no personal identifiers)
  • Generic workflow patterns
  • Common user request categories
  • Non-identifying behavioral data

Format:

{
  "skill_stats": {
    "skill-a": { "calls": 47, "success_rate": 0.96, "last_used": "2026-05-19" },
    "skill-b": { "calls": 23, "success_rate": 0.91, "last_used": "2026-05-18" }
  },
  "patterns_observed": [
    { "trigger": "morning request", "skills_used": ["morning-news-daily"], "count": 30 }
  ]
}

T2: Internal Encrypted Memory

Use XOR + Base64 for non-public data. Key is derived from skill name + date — reconstructable without storing the key.

Encryption:

import hashlib, base64

def _derive_key(skill_name: str, year_month: str) -> str:
    """e.g., _derive_key('my-skill', '2026-05')"""
    raw = skill_name + year_month
    return hashlib.sha256(raw.encode()).hexdigest()[:8]

def encrypt(text: str, skill_name: str, year_month: str) -> str:
    key = _derive_key(skill_name, year_month)
    result = bytes([ord(c) ^ ord(key[i % len(key)]) for i, c in enumerate(text)])
    return base64.b64encode(result).decode()

def decrypt(encoded: str, skill_name: str, year_month: str) -> str:
    key = _derive_key(skill_name, year_month)
    raw = base64.b64decode(encoded)
    return ''.join(chr(b ^ ord(key[i % len(key)])) for i, b in enumerate(raw))

Memory entry format:

---
tier: internal
source_skill: \x3Cskill-name>
key_hint: \x3Cskill-name>-\x3CYYYY-MM>
created: \x3CYYYY-MM-DD>
expires: \x3CYYYY-MM-DD>  # 30 days from created
---

## Encrypted Entry
> \x3Cbase64-encoded, XOR-encrypted data>

## Decryption Note
Key = sha256("\x3Cskill-name>-\x3CYYYY-MM>")[:8], then XOR + base64 decode.

T3: Private (Do Not Store)

Rules (enforced):

  • API keys / tokens → store in environment variables
  • Passwords → use secret manager (1Password, Bitwarden, system keychain)
  • Email addresses, phone numbers → never in skill memory
  • Home/work addresses, government IDs → never in skill memory
  • Financial account numbers → never in skill memory

Cleanup Protocol

Run every 7 days or when triggered by any dependent skill:

  1. List all files in memory/tier1-public/, memory/tier2-internal/
  2. Find entries where created > 30 days ago → move to memory/archive/YYYY-MM/
  3. Scan Tier 2 entries for accidental PII → immediately delete if found
  4. Merge duplicate entries, remove outdated patterns
  5. Compact: combine entries from same source_skill into single files
  6. Log cleanup action: [YYYY-MM-DD] Memory cleanup: X archived, Y deleted, Z merged

Privacy Audit Checklist

  • No real names, usernames, or handles in memory
  • No API keys or tokens in any visible file
  • No filesystem paths containing personal home directories
  • No fixed personal schedules (use relative: "early morning" not "6am")
  • No geographic specifics beyond city level
  • All Tier 2 entries have expiry dates
  • Tier 3 data never touches skill memory

Cross-Skill Usage

Other skills declare dependency via requires in YAML frontmatter:

metadata:
  openclaw:
    requires:
      skills:
        - complex-memory-manager

When multiple skills share memory, prefix filenames with the source skill name:

  • memory/tier1-public/skill-a_stats.json
  • memory/tier2-internal/skill-a_preferences.md

💾 复杂记忆管理器

面向AI Agent的隐私感知结构化记忆管理。提供三层记忆模型(公开/内部加密/私人不存储),支持XOR+Base64加密、自动清理和泛化规则。

这是一个共享组件技能——其他技能通过它实现跨会话持久化记忆。更新时需保证向后兼容所有依赖它的技能。

三层记忆模型

层级 内容 可见性 加密 存储位置
公开(T1) 技能使用统计、通用工作流模式 任何人可见 memory/tier1-public/
内部(T2) 特定偏好、学习到的行为 仅Agent可见 XOR+Base64 memory/tier2-internal/
私人(T3) API密钥、凭据、个人身份信息 本技能不存储 不适用 环境变量/密钥管理器

T1:公开记忆

存储位置:memory/tier1-public/ 或每日笔记

允许内容:

  • 聚合技能使用统计(无个人标识)
  • 通用工作流模式
  • 常见用户请求分类
  • 非识别的行为数据

格式:

{
  "skill_stats": {
    "skill-a": { "calls": 47, "success_rate": 0.96, "last_used": "2026-05-19" },
    "skill-b": { "calls": 23, "success_rate": 0.91, "last_used": "2026-05-18" }
  },
  "patterns_observed": [
    { "trigger": "早晨请求", "skills_used": ["morning-news-daily"], "count": 30 }
  ]
}

T2:内部加密记忆

使用 XOR + Base64 加密。密钥由技能名+日期派生,无需存储密钥即可重建。

加密方法:

import hashlib, base64

def _derive_key(skill_name, year_month):
    raw = skill_name + year_month
    return hashlib.sha256(raw.encode()).hexdigest()[:8]

def encrypt(text, skill_name, year_month):
    key = _derive_key(skill_name, year_month)
    result = bytes([ord(c) ^ ord(key[i % len(key)]) for i, c in enumerate(text)])
    return base64.b64encode(result).decode()

def decrypt(encoded, skill_name, year_month):
    key = _derive_key(skill_name, year_month)
    raw = base64.b64decode(encoded)
    return ''.join(chr(b ^ ord(key[i % len(key)])) for i, b in enumerate(raw))

记忆条目格式:

---
tier: internal
source_skill: \x3Cskill名称>
key_hint: \x3Cskill名称>-\x3CYYYY-MM>
created: \x3CYYYY-MM-DD>
expires: \x3CYYYY-MM-DD>
---

## 加密条目
> \x3Cbase64编码的XOR加密数据>

## 解密说明
密钥 = sha256("\x3Cskill名称>-\x3CYYYY-MM>")[:8], 然后 XOR + base64 解码。

T3:私人(不存储)

规则(强制执行):

  • API密钥/Token → 存入环境变量
  • 密码 → 使用密钥管理器(1Password、Bitwarden、系统钥匙串)
  • 邮箱、电话号码 → 绝不存入skill记忆
  • 家庭/工作地址、身份证号 → 绝不存入skill记忆
  • 银行账号 → 绝不存入skill记忆

清理协议

7天 或任何依赖技能触发时执行:

  1. 列出 memory/tier1-public/memory/tier2-internal/ 中的所有文件
  2. 查找 created 超过30天的条目 → 移至 memory/archive/YYYY-MM/
  3. 扫描 Tier 2 条目中是否意外包含PII → 立即删除
  4. 合并重复条目,删除过时模式
  5. 压缩:将同一 source_skill 的条目合并到单个文件
  6. 记录清理操作

隐私审计清单

  • 记忆中没有真实姓名、用户名或handle
  • 任何可见文件中没有API Key或Token
  • 没有包含个人home目录的文件系统路径
  • 没有固定个人作息(用"early morning"代替"6am")
  • 地理信息不超过城市级别
  • 所有Tier 2条目标注了有效期
  • Tier 3数据从未触及skill记忆

跨技能使用

其他技能在 YAML frontmatter 中声明依赖:

metadata:
  openclaw:
    requires:
      skills:
        - complex-memory-manager

多技能共享记忆时,文件名以源技能名称为前缀:

  • memory/tier1-public/skill-a_stats.json
  • memory/tier2-internal/skill-a_preferences.md
安全使用建议
Do not treat this as a complete security review; rerun the scan where metadata.json and artifact/ can be read before installing.
能力标签
requires-sensitive-credentials
能力评估
Purpose & Capability
Artifact contents were unavailable due local command sandbox failure, so purpose and capabilities could not be coherently validated.
Instruction Scope
SKILL.md instructions could not be inspected, so no evidence-backed scope concern can be reported.
Install Mechanism
Install metadata and artifact files could not be inspected, so provenance and install behavior remain unverified.
Credentials
Requested environment access could not be compared against the skill purpose from available evidence.
Persistence & Privilege
No artifact-backed evidence of persistence, credential use, or privilege abuse was available to review.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install complex-memory-manager
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /complex-memory-manager 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: three-tier memory model, XOR+Base64 encryption, cleanup protocol
元数据
Slug complex-memory-manager
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

💾 Complex Memory Manager 是什么?

Privacy-aware structured memory management for AI agents. Three-tier memory model (Public / Internal-encrypted / Private-not-stored), with XOR+Base64 encrypt... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 77 次。

如何安装 💾 Complex Memory Manager?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install complex-memory-manager」即可一键安装,无需额外配置。

💾 Complex Memory Manager 是免费的吗?

是的,💾 Complex Memory Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

💾 Complex Memory Manager 支持哪些平台?

💾 Complex Memory Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 💾 Complex Memory Manager?

由 shake27(@bustes01)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论