← 返回 Skills 市场
85
总下载
1
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install memo-bridge
功能描述
This skill should be used when the user wants to export, import, backup, migrate, or transfer AI memory/context between different AI tools. It handles memory...
安全使用建议
Do not install or run this skill as-is. The SKILL.md describes a Node CLI and direct file access but the package contains no code or install steps — ask the publisher for the source/installation artifacts and a clear provenance. Before installing: (1) obtain and inspect the CLI source or a signed release; (2) confirm exactly which files/paths the tool will read/write and whether it will transmit data externally; (3) avoid registering third‑party adapters or running adapters from untrusted registries; (4) prefer running any migration tool in an isolated environment (local VM or container) and run with dry-run first; (5) if you must proceed, review the code for exfiltration (network calls, uploads) and ensure you keep backups of any files the tool will modify.
功能分析
Type: OpenClaw Skill
Name: memo-bridge
Version: 1.0.0
The memo-bridge skill is designed to migrate AI context and memory by reading from and writing to sensitive application directories, including `~/.claude/`, `~/.cursor/`, `~/.hermes/`, and `~/.openclaw/`. While the documentation in SKILL.md describes legitimate functionality and claims to include privacy sanitization (redacting API keys and tokens), the capability to aggregate data across multiple AI platforms represents a high-risk behavior. The actual execution logic resides in a local CLI (`dist/cli.js`) which is not provided for inspection, making the security claims unverifiable.
能力标签
能力评估
Purpose & Capability
The SKILL.md repeatedly references a Node.js CLI (node dist/cli.js), Node >= 22, and direct file reads/writes for many tools (e.g., ~/.openclaw/workspace, ~/.hermes/memories, CLAUDE.md). However the skill bundle contains no code files and no install specification. That means the declared capability (a CLI that can scan and modify local AI memory files) is not actually provided by this package — an incoherence that could indicate an incomplete upload, developer error, or misdirection.
Instruction Scope
The runtime instructions direct scanning arbitrary directories (--scan-dir), reading/writing specific per-tool files (appending to MEMORY.md, trimming Hermes payloads, reading .codebuddy/.memory), and generating prompts for cloud tools. Those actions are consistent with a memory-migration tool, but because no executable is included, it's unclear how the actions are meant to be performed. The instructions also encourage registering third-party adapters (runtime code) via a public registry API — this permits executing arbitrary adapter code that can read/modify any paths the adapter author chooses. The SKILL.md grants broad discretion (scan, extract, import, overwrite) which could access sensitive local files and tool tokens.
Install Mechanism
No install specification and no code files are present, yet the documentation requires Node.js and a project-root CLI (node dist/cli.js). This is inconsistent: a user following these instructions will have nothing to install or run from the skill package itself. Legitimate CLI-based skills should include an install step or the binary/source; its absence is a serious red flag.
Credentials
The skill declares no required environment variables or credentials, which superficially seems least-privileged. But its described operations involve reading many local tool data locations that often contain user secrets or API tokens. Because the skill encourages direct file reads/writes and third-party adapters, those actions could access credentials even though none are declared. The lack of declared envs combined with implicit file access makes the required privileges unclear and disproportionate to what is actually present in the package.
Persistence & Privilege
The skill does not set always:true and does not declare system-wide config modifications. That is appropriate. However it instructs registering runtime adapters and performing file writes/overwrites — if the agent is allowed to autonomously invoke this skill, that increases the blast radius. Autonomous invocation alone isn't a disqualifier, but combined with the other inconsistencies it is worth noting.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memo-bridge - 安装完成后,直接呼叫该 Skill 的名称或使用
/memo-bridge触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of memo-bridge — a cross-AI memory migration tool.
- Enables exporting, importing, backup, migration, and transfer of AI memory/context between supported AI tools (CodeBuddy, OpenClaw, Hermes Agent, Claude Code, Cursor, ChatGPT, Doubao, Kimi).
- Provides CLI commands for detection, extraction, import, and one-step migration, with support for both file-based and prompt-guided workflows.
- Uses a human- and LLM-friendly Markdown-based interchange format (`memo-bridge.md`), preserving tool-specific data in extensions.
- Features automated privacy sanitization, path validation, content size limits, and system directory protections for secure memory handling.
- Extensible via custom adapters for unsupported tools through a public registry API.
- Offers robust error handling and clear user guidance for missing tools, permissions, and workspace configuration.
元数据
常见问题
memo-bridge 是什么?
This skill should be used when the user wants to export, import, backup, migrate, or transfer AI memory/context between different AI tools. It handles memory... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 85 次。
如何安装 memo-bridge?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memo-bridge」即可一键安装,无需额外配置。
memo-bridge 是免费的吗?
是的,memo-bridge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
memo-bridge 支持哪些平台?
memo-bridge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 memo-bridge?
由 gonelake(@gonelake)开发并维护,当前版本 v1.0.0。
推荐 Skills