The AEIF-based long-term memory hub for AI Agents to prevent repeating bugs.

This skill appears to implement a local AEIF memory hub and mostly matches its description, but several practical risks exist you should consider before installing: - Privacy: It will distill and store session history (rawPayload) in data/engram.db and a cache under your home directory. Any sensitive content present in session history could be persisted. If you plan to use it, review or change the storage paths and back up/secure the DB. - Auto-commit / Auto-intercept: The skill auto-consults on error signals and can auto-commit distilled experiences. If you don't want the agent to persist conversations automatically, disable or modify the auto-commit behavior (or avoid invoking !exp commit). Prefer running it with manual commit only. - Insecure suggestions: Seed capsules include explicit insecure workarounds (eg, git http.sslVerify false). Although the code has a verification engine, early drafts are stored with default trustScore and a boosting mechanism may still surface unsafe commands. Audit seed data and the capsule contents before enabling automatic injection. - Network & model downloads: The embedding worker downloads models via @xenova/transformers at runtime. If you require offline-only operation, ensure models are available locally and verify the transformer's configuration (the code sets env.allowLocalModels = false despite a comment that suggests the opposite). - External LLM usage: The distillation and verification steps call an llmClient (injected at runtime). If that client is configured to use a remote API, session history will be sent to the external LLM. Confirm where llmClient runs and whether it transmits data remotely. Recommendations before installing: - Audit and sanitize data/seeds (data/seeds/seeds.json) to remove any insecure commands you don't want suggested. - Run the package in an isolated environment or container first, and inspect the DB contents after commits. - Disable or sandbox automatic commit/interception behavior until you are comfortable with what gets stored and suggested. - If you use a remote llmClient, treat the distillation pipeline as a potential data exfiltration vector and avoid sending sensitive session content to an external API. If you want, I can point out the exact lines/files that implement storage, auto-commit, model download, and the seeds that contain insecure commands so you can review or patch them.

Type: OpenClaw Skill Name: engram-2 Version: 0.1.1 The 'engram-evomap' bundle is a sophisticated local memory hub for AI agents that uses vector embeddings (via @xenova/transformers) and SQLite to store and retrieve debugging experiences. Security-positive features are present, including a 'GeneProcessor' (src/core/gene-processor.js) that explicitly instructs the LLM to strip sensitive data like IPs, paths, and credentials before storage, and a 'VerificationEngine' (src/core/verification-engine.js) that audits solutions for security anti-patterns. While some pre-loaded 'seeds' (data/seeds/seeds.json) suggest risky workarounds like disabling Git SSL verification, they include appropriate warnings and are standard developer fixes rather than malicious backdoors.