← 返回 Skills 市场
532
总下载
1
收藏
3
当前安装
3
版本数
在 OpenClaw 中安装
/install memory-ops
功能描述
Manage mandatory PostgreSQL memory operations with context retrieval, prompt logging, delegation tracking, and audit event recording using Memory_openclaw an...
安全使用建议
Before installing: (1) Ask the author to explicitly list how the agent connects to the database (required env vars or connection string) and do not provide DB credentials unless you control the target database. (2) Verify the DB, schema, and sample data are deployed in an isolated/test database you control. (3) Remove or parameterize the hardcoded user_id='ian' and agent='jarvis' values so the skill cannot accidentally write other users' data. (4) Confirm where embeddings come from and whether an embedding model key is needed; ensure that is documented and minimal-scoped. (5) Require a retention and PII/secret-filtering policy — the skill logs every prompt/delegation and could persist sensitive data. (6) If you will allow autonomous invocation, restrict which agents can use this skill and audit the memory_audit table regularly. If the author cannot explain the DB connectivity and data governance, treat the skill as unsafe to enable in production.
功能分析
Type: OpenClaw Skill
Name: memory-ops
Version: 0.1.2
The skill bundle is designed for memory management and auditing within a PostgreSQL database. While the `SKILL.md` instructions are benign and even include a positive security instruction ('Não salvar segredos sensíveis sem necessidade explícita'), the SQL files (`references/queries.sql`, `references/schema.sql`, `scripts/memory_ops_template.sql`) consistently use a hardcoded `user_id = 'ian'` and `agent = 'jarvis'`. This indicates a potential vulnerability related to multi-tenancy or user context management, where data might be inadvertently shared or accessed across users if the OpenClaw platform does not strictly enforce user isolation, classifying it as suspicious rather than benign due to this design flaw.
能力评估
Purpose & Capability
Name/description claim Postgres + pgvector memory ops, and the included SQL/schema/templates implement exactly that. However the skill does not declare any way to connect to the database (no env vars, no connection path). That is an incoherence: it requires DB access in practice but asks for no credentials or config. Also many queries hardcode user_id='ian' and agent='jarvis', which is not general-purpose and suggests the package is tailored to a single account/agent.
Instruction Scope
SKILL.md instructs the agent to read memory before responding, save user prompts, log delegations and audit events — all consistent with the stated goal. It does not instruct any network exfiltration or access to unrelated system files. Missing are guidance about sanitization/filtering of secrets, retention policy, or how to obtain embeddings (the SQL expects a :query_embedding bind). The mandatory 'save every prompt/delegation' behavior increases risk of storing sensitive data if not filtered.
Install Mechanism
Instruction-only skill with no install spec and no code files that execute. This minimizes install-time risk; nothing is downloaded or written by an installer.
Credentials
The skill requests no environment variables or credentials but clearly needs database connection info (host/port/db/user/password or similar) and likely an embeddings model/key in real use. The absence of declared env vars is an inconsistency. Additionally, defaulting to a fixed user_id ('ian') and agent ('jarvis') may cause accidental cross-user data writes if reused in another environment.
Persistence & Privilege
The skill is not always-enabled and does not request special platform privileges, which is good. However its runtime protocol mandates writing every prompt/delegation and an audit row per turn — this persistent logging is expected for a memory/audit system but is privacy-sensitive and should be constrained by retention/permission policies and explicit DB credentials.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memory-ops - 安装完成后,直接呼叫该 Skill 的名称或使用
/memory-ops触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.2
- No functional changes; only metadata updated.
- No user-facing, protocol, or implementation modifications included in this version.
v0.1.1
- Added _meta.json file for enhanced metadata and skill management.
- No changes to core logic or protocol—functionality remains the same.
v0.1.0
Initial release: mandatory memory consult/write protocol for Memory_openclaw
元数据
常见问题
Memory Ops 是什么?
Manage mandatory PostgreSQL memory operations with context retrieval, prompt logging, delegation tracking, and audit event recording using Memory_openclaw an... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 532 次。
如何安装 Memory Ops?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memory-ops」即可一键安装,无需额外配置。
Memory Ops 是免费的吗?
是的,Memory Ops 完全免费(开源免费),可自由下载、安装和使用。
Memory Ops 支持哪些平台?
Memory Ops 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Memory Ops?
由 Ianleme(@ianleme)开发并维护,当前版本 v0.1.2。
推荐 Skills