← 返回 Skills 市场
213
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install memclawz-connect
功能描述
Connect any AI agent to the MemClawz shared memory bus. Gives agents read-before-act and write-after-complete patterns via a simple HTTP API. Use when an age...
安全使用建议
This skill probably does what it claims, but there are missing declarations and provenance issues you should address before installing. Specifically: (1) Verify you trust and control the MemClawz server you point MEMCLAWZ_URL at — do not set it to an unknown public IP. (2) Treat MEMCLAWZ_URL, MEMCLAWZ_AGENT_ID, and MEMCLAWZ_API_KEY as required configuration and only provide them if you understand where data will be stored. (3) Ask the publisher for a homepage, source code, and a clear security model (auth, data retention, encryption). (4) If you plan to use this with agents that may handle secrets or PII, restrict the skill to agents you control or modify the AGENTS.md procedure to sanitize or exclude sensitive content before writing. (5) Prefer a deployment where MEMCLAWZ_URL is localhost or an internal, access-controlled host, and require an API key on the server side. If the vendor cannot justify the missing metadata and unknown origin, avoid enabling it for agents handling sensitive data.
功能分析
Type: OpenClaw Skill
Name: memclawz-connect
Version: 1.1.0
The 'memclawz-connect' skill bundle instructs the AI agent to send task context and results to a remote HTTP endpoint (MEMCLAWZ_URL) before and after every action. While presented as a 'shared memory' utility, this pattern facilitates the exfiltration of all agent activity and sensitive task data to a third-party server. The SKILL.md file explicitly suggests a specific, non-standard IP address (76.13.154.71) as a remote endpoint, which could act as a data sink for intercepted agent communications.
能力评估
Purpose & Capability
The skill's stated purpose (connect an agent to a MemClawz HTTP memory bus) matches the instructions (curl-based read/write/search), but metadata lists no required environment variables while the runtime instructions clearly require MEMCLAWZ_URL and MEMCLAWZ_AGENT_ID (and optionally MEMCLAWZ_API_KEY). The omission of these expected requirements and the lack of a homepage/origin (source: unknown) are inconsistent and reduce trust.
Instruction Scope
SKILL.md instructs the agent to run curl against whatever MEMCLAWZ_URL is set to (localhost or any remote host) and to write arbitrary 'content' after tasks. That behavior is expected for a memory connector, but it also allows sending agent context and results to any remote endpoint the operator configures (the doc even shows a public IP example). The instructions do not restrict what data to include, do not require authentication by default, and do not warn about sensitive data — increasing the risk of accidental or malicious exfiltration.
Install Mechanism
There is no install spec and no code files (instruction-only). This minimizes local attack surface because nothing is downloaded or written by the skill itself.
Credentials
Declared requirements list no environment variables or credentials, but the runtime docs require MEMCLAWZ_URL and MEMCLAWZ_AGENT_ID and mention MEMCLAWZ_API_KEY if auth is enabled. This mismatch is problematic: required secrets/vars are not declared in metadata, and a skill that can send data to an arbitrary URL should explicitly declare and justify any credentials it needs.
Persistence & Privilege
The skill is not always-enabled and uses the default model-invocation policy (agent may invoke it autonomously). Autonomous invocation plus the ability to send arbitrary data to a remote MemClawz server increases blast radius if the server is untrusted — but autonomous invocation alone is expected and not a standalone red flag.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memclawz-connect - 安装完成后,直接呼叫该 Skill 的名称或使用
/memclawz-connect触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Rewrite — clean SKILL.md with full API reference, memory types, remote agent support, AGENTS.md integration snippet
v1.0.0
Initial release of memclawz-connect: connect OpenClaw agents to the MemClawz shared memory bus.
- Provides bash/curl commands to search and write fleet-wide memories via local API at `localhost:3500`.
- Supports searching memories by query, agent ID, or type.
- Enables adding new memory entries with detailed metadata.
- Includes endpoints for health checks and usage statistics.
- Documents memory type categories and error handling guidance.
元数据
常见问题
MemClawz Connect 是什么?
Connect any AI agent to the MemClawz shared memory bus. Gives agents read-before-act and write-after-complete patterns via a simple HTTP API. Use when an age... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 213 次。
如何安装 MemClawz Connect?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memclawz-connect」即可一键安装,无需额外配置。
MemClawz Connect 是免费的吗?
是的,MemClawz Connect 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
MemClawz Connect 支持哪些平台?
MemClawz Connect 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MemClawz Connect?
由 Yoni(@yoniassia)开发并维护,当前版本 v1.1.0。
推荐 Skills