← 返回 Skills 市场
123
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install memory-persistence
功能描述
Multi-backend memory system with optional embedding, private/shared memories, conversation summarization, and maintenance tools. For AI agents to store and r...
安全使用建议
This package appears to implement the advertised memory system, but it has two important transparency issues to resolve before use: (1) it expects GitHub/Gitee tokens (and separate shared-repo tokens) though the registry doesn't declare them — only provide these secrets if you intend to use a remote backend and understand the permissions; (2) embeddings and summarization will download models and may call external LLM providers or read agent configuration (the README mentions auto-detecting OpenClaw model). To reduce risk: run it in an isolated environment, prefer the local or sqlite backend until you've reviewed storage/github.py and summarizer.py to confirm what remote operations and config reads are performed, avoid supplying broad-scoped repo tokens (use least-privilege PATs scoped to a single repo), and review any network activity/logging during a trial run. If you want, I can inspect storage/github.py and summarizer.py lines specifically for network endpoints, auth usage, and any code that reads system/agent config to give a higher-confidence verdict.
功能分析
Type: OpenClaw Skill
Name: memory-persistence
Version: 1.0.1
The skill bundle provides a comprehensive memory persistence system but includes high-risk capabilities. Specifically, 'summarizer.py' contains an 'OpenClawModelDetector' class designed to automatically locate and read the user's global OpenClaw configuration files (~/.openclaw/openclaw.json) to extract sensitive API keys and provider settings. Additionally, the 'github.py' and 'gitee.py' storage backends facilitate remote data synchronization using environment-stored tokens (GITHUB_TOKEN/GITEE_TOKEN). While these features align with the stated goal of persistent multi-agent memory, the automated harvesting of master configuration secrets and the ability to push data to external repositories represent a significant attack surface.
能力评估
Purpose & Capability
The code and SKILL.md implement a memory system with optional embeddings and GitHub/Gitee backends — this matches the skill name and description. However, the registry metadata declares no required environment variables while the README and SKILL.md explicitly reference GITHUB_TOKEN, GITEE_TOKEN and shared backend tokens; that omission is an incoherence. Also the summarizer claims to 'auto-detect OpenClaw model' which implies reading agent configuration or contacting an LLM provider — capability that should have been declared.
Instruction Scope
The SKILL.md instructs installing heavy packages (sentence-transformers, scikit-learn, numpy) and indicates the embedding model will be auto-downloaded on first use. It also documents using GitHub/Gitee tokens and 'auto-detect OpenClaw model' for summarization. Those instructions allow network access and model downloads and may read agent/config state; the skill instructions do not clearly limit or disclose those behaviors to the registry metadata.
Install Mechanism
No formal install spec in the registry (instruction-only), but SKILL.md instructs pip installing large dependencies and embedding models are auto-downloaded at runtime. That is common for embedding tooling but increases runtime network activity and disk usage; no packaged release URL or validated installer is provided.
Credentials
Registry lists no required environment variables, yet config.yaml and SKILL.md reference multiple token env names (GITHUB_TOKEN, GITEE_TOKEN, SHARED_GITHUB_TOKEN, SHARED_GITEE_TOKEN, etc.). Requesting repository tokens is reasonable for GitHub/Gitee backends, but the omission from declared requirements is a mismatch and reduces transparency. The number of potential secret envs is significant relative to a local-memory convenience tool; you should only provide tokens when you intentionally use remote backends.
Persistence & Privilege
The skill does not request 'always: true' and uses the normal agent invocation model. It writes/reads local directories (./memory_data, ./shared_memory, sqlite files) and can push/pull to remote git hosting via provided tokens. That file-system and network persistence is consistent with a memory/storage tool but increases blast radius if remote tokens are supplied.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memory-persistence - 安装完成后,直接呼叫该 Skill 的名称或使用
/memory-persistence触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- Changed skill name from "memory-system" to "memory-persistence"
- No code or functional changes; documentation now reflects the new name
- All features, APIs, and usage remain the same
v1.0.0
- Initial public release of the memory-system skill.
- Supports private and shared memories for multi-agent collaboration.
- Includes multiple storage backends: local file, SQLite, GitHub, and Gitee.
- Optional embedding-based semantic search using sentence-transformers.
- Features LLM-driven conversation summarization and memory maintenance tools.
- Provides CLI and Python API for memory management, batch operations, groups, and templates.
元数据
常见问题
memory-persistence 是什么?
Multi-backend memory system with optional embedding, private/shared memories, conversation summarization, and maintenance tools. For AI agents to store and r... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 123 次。
如何安装 memory-persistence?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memory-persistence」即可一键安装,无需额外配置。
memory-persistence 是免费的吗?
是的,memory-persistence 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
memory-persistence 支持哪些平台?
memory-persistence 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 memory-persistence?
由 529279917(@529279917)开发并维护,当前版本 v1.0.1。
推荐 Skills