← 返回 Skills 市场
336
总下载
0
收藏
1
当前安装
7
版本数
在 OpenClaw 中安装
/install memclawz
功能描述
AI agent fleet memory system — Qdrant + Mem0 + Neo4j/Graphiti. Composite scoring, compaction engine, temporal knowledge graph, multi-claw federation, sleep-t...
安全使用建议
Before installing or enabling MemClawz: (1) Review the GitHub repo (https://github.com/yoniassia/memclawz) and any systemd service files the package installs — do not blindly run the install script. (2) Expect to provide OpenAI and Anthropic API keys and to run Qdrant/Neo4j; the registry metadata incorrectly omits these requirements. (3) Treat federation features as high-risk: only register or accept remote nodes you trust, and inspect how node_key authentication is handled. (4) Run the installation in an isolated environment (VM or container) first if you want to evaluate behavior. (5) If you plan to keep it long-term, lock the service to localhost, restrict file permissions for memory storage, and rotate any shared secrets. If you want, I can list specific files/lines to inspect in the GitHub repo or help craft a safe installation checklist.
功能分析
Type: OpenClaw Skill
Name: memclawz
Version: 6.0.1
The skill implements a complex memory system with high-risk capabilities including a 'Multi-Claw Federation' protocol for pushing/pulling data to remote endpoints (e.g., 188.34.197.212), system-level persistence via systemd services, and an installation script (scripts/install.sh) that downloads external binaries and clones a GitHub repository. While these features align with the stated goal of a distributed agent memory system, the broad permissions and built-in data transfer mechanisms represent a significant attack surface for data exfiltration and unauthorized remote control.
能力评估
Purpose & Capability
The name/description (MemClawz: Qdrant + embeddings + Neo4j temporal graph + federation) aligns with the runtime instructions and API endpoints. Requesting OpenAI and Anthropic keys (embeddings + classification) is coherent with the stated purpose. However, the registry metadata claims no required environment variables while the SKILL.md clearly requires OPENAI_API_KEY and ANTHROPIC_API_KEY (and other config values), which is an inconsistency between what the skill declares and what it actually needs.
Instruction Scope
The README instructs copying systemd service files, enabling persistent user services, cloning a GitHub repo, starting Qdrant/Neo4j, and configuring federation (push/pull of memories to arbitrary node URLs). Those actions access user filesystem, run background processes, and enable cross-node memory exchange — all expected for a memory system but potentially dangerous if you connect to untrusted nodes or run code without inspection. The SKILL.md also suggests reading local canonical files (MEMORY.md, memory/*.md), which is appropriate to the feature but means the skill will read potentially sensitive local data.
Install Mechanism
There is no registry install spec, but the packaged scripts/install.sh clones https://github.com/yoniassia/memclawz and may download Qdrant from GitHub releases. Pulling and executing code from an external GitHub repo and extracting a downloaded binary is a moderate-risk install pattern (external code execution). The URLs used are standard (GitHub), not obscure shorteners or IP-only installs, but you should review the remote repo and service files before running.
Credentials
The skill requires API keys (OpenAI for embeddings and Anthropic for classification) and other configuration (QDRANT/NEO4J connection settings) in practice, but the registry metadata lists no required env vars. The env keys requested by the instructions are proportional to the feature set, but the metadata omission is misleading and could cause surprise when installing. Federation examples also show 'node_key' secrets used to authorize remote nodes — sharing these or receiving them from untrusted parties can expose private memories.
Persistence & Privilege
The skill does not set always:true and allows model invocation (normal). However, installation instructions copy systemd service files and enable persistent user services (memclawz-api, memclawz-watcher, optionally neo4j). That creates long-running background processes and persistent network endpoints bound to localhost (or remote endpoints if misconfigured). This persistence is expected for a memory service but increases blast radius if the code or config is malicious or misconfigured.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memclawz - 安装完成后,直接呼叫该 Skill 的名称或使用
/memclawz触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v6.0.1
v6.0.1: Fixed repo description — removed Zvec/QMD references, updated to reflect v6 architecture (Qdrant + Mem0 + Graphiti)
v6.0.0
v6: Graphiti temporal graph, composite scoring, compaction engine, multi-claw federation, sleep-time reflection, compaction cron
v5.0.1
v5.0.1: document local-first canonical memory order; write local files first, then sync/test in MemClawz
v5.0.0
v5: Mem0 + Qdrant, auto-extract pipeline, shared memory bus, typed memories, contradiction detection, decay scoring, MCP server
v2.0.0
v2.0: 3-layer hybrid memory (QMD + Zvec + Mem0), auto-migration, file watcher, fleet sync, no API key required
v1.2.0
Promoted 3-step optimization (Install → Optimize → Fleet) to top-level README. Fixed all 7 deployment issues. Renamed zvec/ to memclawz_server/.
v1.1.0
3-speed memory for OpenClaw agents. QMD working memory (<1ms) + Zvec hybrid vector search (<10ms) + built-in memory enhancement. No API key required, runs 100% locally.
元数据
常见问题
MemClawz 是什么?
AI agent fleet memory system — Qdrant + Mem0 + Neo4j/Graphiti. Composite scoring, compaction engine, temporal knowledge graph, multi-claw federation, sleep-t... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 336 次。
如何安装 MemClawz?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memclawz」即可一键安装,无需额外配置。
MemClawz 是免费的吗?
是的,MemClawz 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
MemClawz 支持哪些平台?
MemClawz 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MemClawz?
由 Yoni(@yoniassia)开发并维护,当前版本 v6.0.1。
推荐 Skills