功能描述

Use letheClaw to store, search, and manage memories with criticality and provenance.

使用说明 (SKILL.md)

letheClaw — Agent memory

Name: letheClaw
Author: joahtheron

You can use the letheClaw API to store and retrieve memories for the user or the current session. The API base URL is in the environment variable LETHECLAW_API_URL.

Environment patterns:

Docker Compose with letheClaw API container: http://api:8080
Host machine from Docker Desktop (Windows/Mac): http://host.docker.internal:51234
Local testing (same machine): http://localhost:51234

If LETHECLAW_API_URL is unset, try http://host.docker.internal:51234 first (Docker Desktop default), then ask the user.

⚠️ PROTOCOL (NON-NEGOTIABLE)

Retrieval Rule

When the user asks about history, decisions, prior work, "what did we do", or any past context:

ALWAYS query letheClaw API FIRST:

curl -s "{LETHECLAW_API_URL}/memory/search?q=\x3Cquery>&limit=5"

Use the returned content field directly — search results include full text. No need for memory_get or flat file access.
NEVER use memory_search tool as the first step. That tool searches flat markdown files, which are backup/reference only.
Apply criticality filtering when appropriate:
- Security/config: add &min_criticality=0.7
- General recall: add &min_criticality=0.5
- Exploratory: no filter
Use tag pre-filtering when query domain is clear (e.g., tags=moltbook for Moltbook questions).
letheClaw is the authoritative memory system. Flat files may be stale or incomplete.

Storage Rule

When the user says "log this", "remember that", or you observe something worth recording:

POST to letheClaw API (see "Store a memory" below)
Assign appropriate criticality: 0.3 (transient) → 0.5 (useful) → 0.7 (important) → 0.9 (critical)
Tag precisely: 2-5 specific tags (type + domain, e.g. ["episodic", "security", "moltbook"])
Set source: operator_input (user said it), direct_observation (you verified it), inferred (derived)

No exceptions. This is operator-mandated protocol.

Store a memory

POST {LETHECLAW_API_URL}/memory
Body (JSON): content (required), optional: source (e.g. operator_input, direct_observation, inferred), tags (array), operator, session_key, context
Returns: memory_id (UUID). Save it to update criticality or fetch provenance later.

Search memories (semantic)

GET {LETHECLAW_API_URL}/memory/search?q={query}&limit=5
Optional: min_criticality (0–1) to filter by importance.
Optional: tags (comma-separated) to pre-filter by tag before semantic search (e.g. tags=moltbook,security)
Returns: results array with id, content (full text), criticality, tags, source, created_at, access_count

Important: Search results include full content — you do NOT need to call memory_get afterward. Use the returned content directly.

Criticality filtering guidance:

Security/config queries: min_criticality=0.7 (critical knowledge only)
General recall: min_criticality=0.5 (useful and above)
Exploratory search: no filter (all results)

Tag pre-filtering (performance optimization): When query intent is clear, pre-filter by tags to reduce search space:

# "Latest Moltbook posts"
curl "{LETHECLAW_API_URL}/memory/search?q=posts&tags=moltbook,episodic&limit=5"

# "Security findings"
curl "{LETHECLAW_API_URL}/memory/search?q=findings&tags=security,semantic&min_criticality=0.7&limit=3"

Recent memories

GET {LETHECLAW_API_URL}/memory/recent
Returns: Recently stored memories (from cache or DB).

Update criticality (manual)

POST {LETHECLAW_API_URL}/memory/{memory_id}/criticality
Body (JSON): criticality (0–1, required), optional reason
Use when the user or you want to mark a memory as more or less important.

Mark operator correction

POST {LETHECLAW_API_URL}/memory/{memory_id}/correction
No body. Call when the user corrects something about this memory; this boosts criticality and increments a correction counter so provenance shows how often it was corrected.

Get provenance

GET {LETHECLAW_API_URL}/memory/{memory_id}/provenance
Returns: Full memory object plus events (history of criticality changes: manual_boost, operator_correction, etc.) and correction_count.

Errors

400 — Invalid request or invalid memory ID format.
404 — Memory not found (wrong or deleted ID).
5xx — Server/upstream error; suggest checking if letheClaw is running and reachable.

When the user says they want to remember something, search memory, see why a memory is important, or correct a memory, use the appropriate endpoint above.

安全使用建议

This skill legitimately implements a memory API integration, but pay attention before installing: (1) SKILL.md expects LETHECLAW_API_URL but the skill metadata doesn't declare it — set that yourself and verify it points to a service you control. (2) The protocol forces the agent to query the remote API first and send/receive full content; that can leak private or sensitive conversation/context to whatever server is configured. Only use if LETHECLAW_API_URL points to a trusted, private instance (e.g., local or organizational host). (3) If you can't or won't host the API yourself, consider rejecting or modifying the skill so the agent asks for user permission before sending history, or require an explicit opt-in per memory. (4) Prefer skills that declare required env vars in metadata and provide clear sanitization/consent rules. If you want, ask the publisher to add LETHECLAW_API_URL to required env vars and to make the 'always query first' behavior optional or gated by user consent.

功能分析

Type: OpenClaw Skill Name: letheclaw Version: 1.0.1 The SKILL.md instructions for the AI agent contain a shell injection vulnerability. User-controlled inputs such as `<query>`, `tags`, and `{memory_id}` are directly interpolated into `curl` commands without apparent sanitization. This could allow an attacker to inject arbitrary shell commands (e.g., `q=foo%26%20rm%20-rf%20/`) if the agent executes these commands without proper escaping, leading to potential remote code execution on the host system. This is a critical vulnerability, but it is classified as 'suspicious' rather than 'malicious' as there is no evidence of intentional harmful behavior by the skill author, only an insecure implementation of API interaction.

能力评估

ℹ Purpose & Capability

Name/description, manifest permissions (network), and instructions all describe a memory storage/search service — network access is expected. However the SKILL.md depends on an environment variable LETHECLAW_API_URL to locate the service but the skill metadata does not declare any required env vars, creating an inconsistency between what it needs at runtime and what it announces.

⚠ Instruction Scope

The SKILL.md enforces a non‑negotiable protocol that the agent must ALWAYS query the remote letheClaw API first for history/recall and to use returned 'content' directly. That drives automatic outbound transmission of memory/search queries and arbitrary content to the configured API. It also instructs posting user-observed content to the API whenever 'remember' is invoked. There is no guidance about sanitization, redaction, or asking for consent before sending potentially sensitive context to an external service.

✓ Install Mechanism

Instruction-only skill with no install spec or code files — minimal installation risk and nothing written to disk by the skill itself.

⚠ Credentials

The skill needs an API URL (LETHECLAW_API_URL) at runtime but does not list it as a required environment variable in the registry metadata. No credentials are requested (which is proportionate), but the missing declaration is a mismatch that affects transparency. The manifest's network permission is expected for its purpose but is the primary enabler of sending user data off-host.

✓ Persistence & Privilege

The skill is not always-on, does not request special persistent privileges, and does not modify other skills or system-wide config. Autonomous invocation is allowed (platform default) but not combined with other elevated privileges.

版本历史

v1.0.1

letheclaw 1.0.1 — Enhances retrieval protocol and search filtering - Retrieval protocol now clarifies to use the returned `content` field directly; calling `memory_get` is no longer necessary after a search. - Added guidance on criticality filtering for retrieval (e.g., `min_criticality=0.7` for security, `0.5` for general recall, no filter for exploratory). - Introduced tag-based pre-filtering in search queries to improve precision and performance. - Updated search API documentation to include tag pre-filter examples and semantic best practices. - General retrieval and filtering instructions are more explicit for accurate and efficient memory access.

v1.0.0

Initial release of letheClaw — agent memory integration. - Enables storing, searching, and managing memories with criticality and provenance via the letheClaw API. This is a custom build gitHub Project. You can also find the dockerhub images from the user JoahTheron. - Enforces a strict protocol: always query letheClaw first for history/recall; storage must assign criticality, tags, and source. - Supports critical features: semantic search, memory storage, manual criticality updates, operator corrections, and provenance tracking. - Provides precise environment variable guidance and fallback for API connection. - Clearly documents REST endpoints for all memory operations and error handling.

元数据

Slug letheclaw

版本 1.0.1

许可证 —

累计安装 0

当前安装数 0

历史版本数 2

常见问题

letheClaw 是什么？

Use letheClaw to store, search, and manage memories with criticality and provenance. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 663 次。

如何安装 letheClaw？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install letheclaw」即可一键安装，无需额外配置。

letheClaw 是免费的吗？

是的，letheClaw 完全免费（开源免费），可自由下载、安装和使用。

letheClaw 支持哪些平台？

letheClaw 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 letheClaw？

由 JoahTheron（@joahtheron）开发并维护，当前版本 v1.0.1。

letheClaw