← 返回 Skills 市场
473
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install memoria-system
功能描述
Manages AI assistant long-term memory with layered storage for facts, events, skills, context, and fast indexing, including backup and integrity tools.
安全使用建议
This skill appears to implement the stated memory-management features, but review and take precautions before installing: 1) Verify jq, tar and Bash are available, and update the skill metadata to reflect these dependencies. 2) Inspect and edit config.json so memory.base_path and backup.path point to a safe, isolated directory you control (do not leave defaults if running from a high-privilege or home directory). 3) Avoid running rollback with --force or exposing the skill to untrusted agent autonomy until you are comfortable (consider setting disable-model-invocation:true if available). 4) Run memory-backup.sh --dry-run and memory-health-check.sh without --fix first to see actions. 5) Be cautious with cron installation: schedule only after manual verification. 6) If you need stronger safety, request path validation/whitelisting in the scripts (prevent operations outside a sandboxed memory path).
功能分析
Type: OpenClaw Skill
Name: memoria-system
Version: 1.0.0
The skill bundle is classified as suspicious due to the extensive use of powerful shell commands (`rm -rf`, `tar`, `cp -r`, `find -exec`) in `memory-backup.sh`, `memory-rollback.sh`, and `memory-health-check.sh`. While these operations are necessary for the stated purpose of memory management, backup, and rollback, they operate on file paths that can be overridden via command-line arguments (`--path`, `--output`). This creates a significant vulnerability where an AI agent, if subjected to prompt injection, could be instructed to pass malicious paths, potentially leading to arbitrary file deletion, overwriting, or other forms of remote code execution on the host system. There is no clear evidence of intentional malicious behavior such as data exfiltration or backdoor installation within the scripts themselves; the risk stems from the powerful capabilities and potential for misuse through argument manipulation.
能力评估
Purpose & Capability
The name/description match the included scripts (backup, migrate, rollback, health-check). However the registry metadata claims no required binaries/env, while SKILL.md and the scripts require Bash, jq, and tar — a metadata omission that reduces clarity about runtime needs.
Instruction Scope
Runtime instructions direct the agent (or user) to run shell scripts that perform file-system mutations (mkdir, cp, rm -rf, tar extraction, find -delete). The scripts accept --path arguments and read config.json; there is no path sanitization or safety checks, so a mis-set config or malicious/erroneous argument could overwrite or extract into arbitrary directories (e.g., dirname of MEMORY_PATH). Rollback uses rm -rf on MEMORY_PATH and extracts archives relative to dirname(MEMORY_PATH), which can be destructive if MEMORY_PATH is configured incorrectly.
Install Mechanism
There is no network-based install step in the skill manifest (instruction-only install spec). The code files are included in the skill bundle; nothing in the manifest downloads remote archives. This is lower install risk, but the provided scripts will be placed on disk and can be executed by the agent or user.
Credentials
The skill requests no credentials or environment variables. That is appropriate for a local filesystem-oriented memory manager. The SKILL.md does require local tools (bash, jq, tar) which are reasonable for the tasks.
Persistence & Privilege
always:false (normal). The skill can be invoked autonomously by the agent (disable-model-invocation:false), which combined with shell scripts that modify local files increases blast radius: an agent with this skill could create, backup, rollback, or delete the configured memory directory. This is expected for a management tool but worth confirming you trust autonomous actions.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memoria-system - 安装完成后,直接呼叫该 Skill 的名称或使用
/memoria-system触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Memoria记忆系统 - 基于认知科学的多层长期记忆管理方案
为AI助手设计的完整记忆管理系统,模拟人类认知架构:
• 语义记忆 - 存储事实、概念、用户画像
• 情景记忆 - 记录对话历史、事件、决策
• 程序记忆 - 保存工作流、技能、最佳实践
• 工作记忆 - 管理当前任务、待办事项
• 索引系统 - 支持快速检索和关联
包含完整的备份、迁移、回滚脚本,支持定时任务自动化。
Memoria System - Cognitive-inspired multi-layer long-term memory management
A comprehensive memory management system for AI assistants, implementing human-like cognitive architecture:
• Semantic Memory - Facts, concepts, user profiles
• Episodic Memory - Conversation history, events, decisions
• Procedural Memory - Workflows, skills, best practices
• Working Memory - Current tasks, todo items
• Index System - Fast retrieval and association
Includes complete backup, migration, rollback scripts with cron automation support.
from AI
- Initial release of Memoria System, a long-term memory management system for AI assistants.
- Implements human-like cognitive memory architecture with five memory types: semantic, episodic, procedural, working, and index.
- Provides shell tools for memory backup, migration, rollback, and health checks.
- Flexible configuration via config.json for paths, backup, and health check scheduling.
- Includes cron examples for automated backup and maintenance.
- Requires Bash 4.0+, jq, and tar.
元数据
常见问题
Memoria Memory System 是什么?
Manages AI assistant long-term memory with layered storage for facts, events, skills, context, and fast indexing, including backup and integrity tools. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 473 次。
如何安装 Memoria Memory System?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memoria-system」即可一键安装,无需额外配置。
Memoria Memory System 是免费的吗?
是的,Memoria Memory System 完全免费(开源免费),可自由下载、安装和使用。
Memoria Memory System 支持哪些平台?
Memoria Memory System 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Memoria Memory System?
由 Cedric(@cuilinshen)开发并维护,当前版本 v1.0.0。
推荐 Skills