← 返回 Skills 市场
1999azzar

Mema Vault

作者 azzar budiyanto · GitHub ↗ · v1.1.9
cross-platform ✓ 安全检测通过
715
总下载
0
收藏
1
当前安装
11
版本数
在 OpenClaw 中安装
/install mema-vault
功能描述
Secure credential manager using AES-256 (Fernet) encryption. Stores, retrieves, and rotates secrets using a mandatory Master Key. Use for managing API keys,...
使用说明 (SKILL.md)

Mema Vault

Prerequisites

  • Master Key: Must be set as an environment variable MEMA_VAULT_MASTER_KEY.
  • Dependencies: Requires cryptography Python package.

Core Workflows

1. Store a Secret

Encrypt and save a new credential.

  • Usage: python3 $WORKSPACE/skills/mema-vault/scripts/vault.py set \x3Cservice> \x3Cuser> \x3Cpassword> [--meta "info"]

2. Retrieve a Secret

Fetch a credential. By default, the password is masked in output.

  • Usage: python3 $WORKSPACE/skills/mema-vault/scripts/vault.py get \x3Cservice>
  • Show Raw: Use --show flag only when required for secure injection.

3. List Credentials

  • Usage: python3 $WORKSPACE/skills/mema-vault/scripts/vault.py list

Security Standards

  • Encryption: AES-256 CBC via PBKDF2HMAC (480,000 iterations).
  • Masking: Secrets are masked in standard logs/output unless explicitly requested.
  • Isolation: The Master Key should never be stored in plaintext on disk.
安全使用建议
This skill appears to be what it claims: a local, master-key protected vault. Before installing, do the following: 1) Validate the Master Key is injected securely (prefer process-scoped secrets or an agent-managed secret store rather than a long-lived system-wide env var). 2) Review and accept that the vault stores an encrypted SQLite DB and salt at data/ in the workspace — protect those files and backups. 3) Be careful with the `--show` flag (it prints raw secrets to console). 4) Note the SKILL.md/ security-policy wording about "AES-256-CBC" is misleading; if you require a specific cryptographic guarantee, review the cryptography usage and parameters yourself. 5) Confirm you are comfortable installing the `cryptography` PyPI package in the agent runtime environment.
功能分析
Type: OpenClaw Skill Name: mema-vault Version: 1.1.9 The Mema Vault skill is a well-implemented local credential manager. It uses strong cryptographic practices (AES-256, PBKDF2HMAC with 480,000 iterations, random salt) and stores data securely within its workspace. It requires a master key from environment variables, employs parameterized SQLite queries to prevent SQL injection in `scripts/vault.py`, and masks sensitive output by default. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in SKILL.md. The dependencies and installation steps are legitimate for its stated purpose.
能力评估
Purpose & Capability
The skill is a local vault and only requests a single environment variable (MEMA_VAULT_MASTER_KEY), which aligns with the stated purpose. Minor inconsistency: documentation claims "AES-256-CBC (via Python `cryptography` Fernet)", but Fernet's specification and common implementations do not match a plain "AES-256-CBC" claim — this is a wording/accuracy issue in the README, not evidence of hidden functionality.
Instruction Scope
SKILL.md instructs the agent to run the included CLI script and to install the `cryptography` package. Runtime behavior in the script is limited to reading MEMA_VAULT_MASTER_KEY, creating/reading data/salt.bin and data/vault.db in the workspace, and printing masked output by default. The only potentially surprising behaviors are (1) the `get` command uses a SQL LIKE (%...%) query (could return partial matches), (2) the --show flag prints raw secrets to console when used, and (3) audit information is written to console rather than a structured log — all of which are documented or obvious in the script.
Install Mechanism
No global install spec was recorded in the registry manifest, but SKILL.md includes metadata to run `pip install cryptography`. Installing from PyPI is a standard, low-to-moderate risk action. There are no downloads from arbitrary URLs or archive extraction steps.
Credentials
Only MEMA_VAULT_MASTER_KEY is required, which is appropriate for a local vault. The script does not request unrelated credentials or external service keys.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does persist an encrypted SQLite DB and a salt file under data/ in the workspace; users should be aware these files remain on disk and protect workspace storage and backups accordingly.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install mema-vault
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /mema-vault 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.9
SECURITY: Removed local database from package and added gitignore. Only source and documentation are included.
v1.1.8
Ensured scripts inclusion by using .py extension. Manifest verified.
v1.1.7
Final manifest fix: confirmed inclusion of extensionless 'scripts/vault' via absolute path publishing.
v1.1.6
Ensured scripts/vault.py is in the manifest by renaming and using absolute publishing path.
v1.1.5
Ensured scripts/vault.py inclusion by adding file extension and using isolated build.
v1.1.4
CRITICAL: Final fix for manifest inclusion by ensuring clean WORKDIR and explicit path publishing.
v1.1.3
CRITICAL: Ensured inclusion of scripts/vault by using a clean build directory and verifying the package manifest.
v1.1.2
Fixed manifest and permission issues by isolating the build environment. Verified scripts/vault inclusion.
v1.1.1
Synchronized security-policy with actual code: removed legacy Redis/GCM references and confirmed local SQLite storage. Package now fully consistent with implementation.
v1.1.0
Implemented actual AES-256 encryption logic, added mandatory master key env var, and fixed ClawHub metadata/install requirements.
v1.0.0
Version 1.0.0 – Initial Release - Introduces mema-vault, a secure credential manager for Mema using AES-256 encryption. - Supports storing, retrieving, and rotating secrets with both file and Redis backends. - Implements strict security rules to prevent accidental exposure of sensitive data. - Provides audit tracking of secret access and helper scripts for key rotation. - Includes clear setup instructions and reference materials for best practices.
元数据
Slug mema-vault
版本 1.1.9
许可证
累计安装 1
当前安装数 1
历史版本数 11
常见问题

Mema Vault 是什么?

Secure credential manager using AES-256 (Fernet) encryption. Stores, retrieves, and rotates secrets using a mandatory Master Key. Use for managing API keys,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 715 次。

如何安装 Mema Vault?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install mema-vault」即可一键安装,无需额外配置。

Mema Vault 是免费的吗?

是的,Mema Vault 完全免费(开源免费),可自由下载、安装和使用。

Mema Vault 支持哪些平台?

Mema Vault 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Mema Vault?

由 azzar budiyanto(@1999azzar)开发并维护,当前版本 v1.1.9。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论