← 返回 Skills 市场
235
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install cxm-neural-memory
功能描述
Use this skill when you need to understand the architecture of a codebase, perform semantic searches across files, map dependencies before refactoring, or in...
使用说明 (SKILL.md)
CXM Neural Memory Skill
This skill provides you with a localized "Neural Memory" and architectural mapping tool. It allows you to find code semantically and map dependencies using bundled AST-parsing tools.
🔒 Security & Transparency (Disclosure)
To ensure safe and transparent operation, be aware of the following behaviors:
- Local Indexing: This skill performs recursive file reads within the project to build a local vector index (FAISS) stored in
~/.cxm. - Resource Footprint: Initial indexing is CPU-intensive. Runtime RAM usage ranges from ~300MB (Mini-BERT) to ~1GB (MPNet).
- Network Access: On the very first execution, this skill will download a pre-trained model (~80MB to ~400MB) from the HuggingFace Hub. No project data is ever uploaded.
- File Modification: The tool can patch files. It strictly respects the
allowed_write_pathsandmode(e.g.,ask_first) defined in the project's.cxm.yaml.
🛠️ Local Engine Usage
You are already bundled with the CXM source code. All commands must be executed via the local src/cli.py script.
Crucial Instruction: Always use the --agent-mode flag to receive strict, parseable JSON.
Core Capabilities & Usage
1. Semantic Search (Vibe Searching)
Use this when you need to find logic by its purpose, even if you don't know the exact file name or variable names.
Command:
python src/cli.py --agent-mode harvest --semantic "your natural language query"
Interpretation:
The JSON output contains a results array with path, content, and start_line/end_line for precise targeting.
2. Dependency Graphing (Architectural Mapping)
Use this before refactoring to see which files or modules depend on your target file.
Command:
python src/cli.py --agent-mode map path/to/file.py
Interpretation:
The JSON output includes an edges list and a hotspots array showing the most heavily used modules in the project.
3. Architecture Ingestion
Force CXM to index non-code files like README.md, docker-compose.yml, or package.json to understand the system's infrastructure.
Command:
python src/cli.py --agent-mode ingest .
Workflow for Complex Refactoring
- Locate: Use
semantic searchto find the relevant code sections. - Map: Run
mapon the identified files to see the blast radius. - Execute: Apply your changes knowing the full architectural context.
安全使用建议
What to consider before installing/using this skill:
- Review the code that reads system and third-party CLI state: docs/cli-reference and code reference reading Gemini/Claude session directories (e.g., ~/.gemini/tmp/partner/chats/, ~/.claude/projects/). If you use those CLIs, expect CXM to ingest their session data unless configured otherwise.
- Audit file-patching code and .cxm.yaml before allowing write actions. The tool can modify files and claims to respect allowed_write_paths/modes, but verify patcher.py and any guard logic yourself and keep backups/strict git workflow in place.
- Do not run pip install -r requirements.txt or the editable (-e) installs without inspection: requirements.txt contains -e git+ssh/git+https entries to personal repos and a very large dependency set (heavy ML and network libraries). Prefer running the CLI in an isolated environment (container or VM) and pin exact dependency sources if you must install.
- Expect network activity: first-run model downloads from HuggingFace and optional GitHub cloning. If you need fully offline operation, verify local-model paths or block network access and confirm behavior.
- If you plan to let agents call this skill autonomously, consider restricting agent privileges (prevent file writes or disallow background watcher) or require explicit human approval for any patch operations; autonomous invocation combined with cross-CLI reads raises privacy risk.
If you want to proceed safely: run the tool inside an isolated container or throwaway VM, inspect/grep context_gatherer, patcher, and skill_exporter, and test read/write behaviors on a benign project first. If anything is unclear, ask the maintainer for explicit documentation on allowed_write_paths, what session locations are read, and which remote endpoints the install or runtime will contact.
功能分析
Type: OpenClaw Skill
Name: cxm-neural-memory
Version: 1.0.3
The bundle implements a 'Context Machine' (CXM) designed to provide AI agents with deep local context, but it employs several high-risk data gathering techniques. Specifically, 'src/tools/context_gatherer.py' reads sensitive local data including the user's shell history (~/.bash_history) and private session logs from other AI tools like Gemini and Claude Code. Additionally, 'src/core/patcher.py' enables the AI to automatically modify or patch files on the local system. While the tool includes notable security features such as a secret masker to redact API keys from its index ('src/core/rag.py') and a guardrail system to restrict file-writing paths, the broad access to personal history and the capability for automated filesystem modification constitute a significant security and privacy surface.
能力评估
Purpose & Capability
Name/description match the main code: semantic search, dependency mapping, and ingestion. The repository includes a full CLI and RAG engine implementing those capabilities (src/core/rag.py, src/cli.py, tools). However the docs and code also describe integrating system state and third-party CLI session files (Gemini/Claude), cloning remote repos, and auto-updating a background watcher — behaviors that are broader than a simple 'codebase understanding' tool and should be expected but explicitly reviewed.
Instruction Scope
SKILL.md and other docs instruct the agent to run the bundled CLI (python src/cli.py --agent-mode) which will: recursively read the project to build an index (~/.cxm), download models from HuggingFace on first run, optionally run a background watcher that updates the index on file saves, patch files respecting .cxm.yaml rules, and gather context from other tool locations (docs mention reading ~/.gemini/tmp/partner/chats/ and ~/.claude/projects/). The skill therefore reads files and session histories outside the immediate project scope and can modify files — these are significant scope expansions that the user should expect and control.
Install Mechanism
There is no automatic install spec in the registry entry (instruction-only), which reduces platform-level install risk. However the package metadata and requirements.txt recommend installing heavy dependencies and include -e git+ssh/git+https editable installs pointing to personal GitHub repositories (e.g., Joeavaib/partner and other -e entries). If a user follows docs to pip install, that will pull code from external repos and many third-party packages (faiss, sentence-transformers, huggingface_hub, Google/Anthropic clients etc.). Those remote/editable installs and the large dependency set increase supply-chain risk and deserve manual review.
Credentials
The skill declares no required environment variables or credentials. That aligns with local-only operation. Nevertheless, behavior in code/docs will access local Git and may clone remote GitHub repos (using the user's git config/SSH keys) and will download models from HuggingFace (network activity). The tool also scans files for secrets (masking), but it can read unrelated session files (Gemini/Claude) and system/git status — this is broader access than just source files and could expose sensitive local data if used without care.
Persistence & Privilege
always:false (good). The tool creates persistent data under ~/.cxm (index, metadata, caches) and supports a background watcher/daemon to keep indices fresh; it can also apply patches to workspace files (subject to .cxm.yaml allowed_write_paths and modes like 'ask_first'). Autonomous agent invocation is permitted by default; combined with the above (reading other CLIs and file-patching), that increases the blast radius, so consider restricting runtime permissions or requiring human confirmation for write actions.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install cxm-neural-memory - 安装完成后,直接呼叫该 Skill 的名称或使用
/cxm-neural-memory触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.3
- Added a new "Security & Transparency" section to the documentation, detailing local indexing, resource usage, first-run model download, and file modification safeguards.
- Removed the `.cxm.yaml` and `docs/LICENSE.md` files.
v1.0.2
Found out how to manually Upload
v1.0.1
Added the rest lol
v1.0.0
Initial release of cxm-neural-memory skill.
- Enables semantic search across codebases using natural language queries.
- Provides dependency graph mapping to assess "blast radius" before refactoring.
- Supports ingestion of code and non-code (documentation/config) files into memory for richer architectural context.
- Offers guidance on syncing background file changes for up-to-date context.
- Includes a recommended workflow for safe and effective complex refactoring.
元数据
常见问题
CXM: Neural Memory for Agents 是什么?
Use this skill when you need to understand the architecture of a codebase, perform semantic searches across files, map dependencies before refactoring, or in... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 235 次。
如何安装 CXM: Neural Memory for Agents?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install cxm-neural-memory」即可一键安装,无需额外配置。
CXM: Neural Memory for Agents 是免费的吗?
是的,CXM: Neural Memory for Agents 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
CXM: Neural Memory for Agents 支持哪些平台?
CXM: Neural Memory for Agents 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 CXM: Neural Memory for Agents?
由 Joeavaib(@joeavaib)开发并维护,当前版本 v1.0.3。
推荐 Skills