Memory Pipeline

Complete agent memory + performance system. Extracts structured facts, builds knowledge graphs, generates briefings, and enforces execution discipline via pre-game routines, tool policies, result compression, and after-action reviews. Includes external knowledge ingestion (ChatGPT exports, etc.) into searchable memory. Use when working on memory management, briefing generation, knowledge consolidation, external data ingestion, agent consistency, or improving execution quality across sessions.

This package is plausibly a real memory pipeline, but review and (optionally) run it in a sandbox before trusting it with your main workspace. Specifically: - Inspect ingest-chatgpt.py: it writes imported ChatGPT exports into the skill's own memory/ subdirectory instead of your workspace memory/; either change OUTPUT_DIR to point at your workspace or move files after import so the rest of the pipeline can see them. - Audit setup.sh and any scripts before executing them, and run them with least privilege (not as root). - Be aware the scripts read local agent transcripts (~/.clawdbot/agents/main/sessions) and ~/.config/*/api_key files — these are sensitive. If you don’t want them scanned, move or restrict those files before running or use a temporary workspace. - The exclusion patterns in ingest-chatgpt.py include many medical/research terms; if you expect to import such content, remove/change that list. - Keep LLM API keys in secure locations; prefer env vars for ephemeral use rather than placing keys in files unless you control file permissions. Consider running a dry-run option where available (ingest has --dry-run) to preview actions. If you want, I can point to the exact lines in the scripts that need changing (e.g., OUTPUT_DIR in ingest-chatgpt.py) or produce a minimal patch to make all scripts consistently target the same workspace/memory location.

Type: OpenClaw Skill Name: memory-pipeline Version: 0.4.0 The skill is classified as suspicious primarily due to its Python scripts (`scripts/setup.sh`, `scripts/memory-briefing.py`, `scripts/memory-extract.py`, `scripts/memory-link.py`) directly accessing and reading API keys from sensitive user configuration files located in `~/.config/openai/api_key`, `~/.config/anthropic/api_key`, and `~/.config/gemini/api_key`. While this access is for the stated purpose of authenticating with LLM providers, reading arbitrary files from the user's home directory, even specific config files, is a sensitive capability that could be exploited if the script were compromised or if the agent's permissions were overly broad. There is no evidence of malicious intent such as exfiltration of these keys or other data to unauthorized third parties, nor any malicious prompt injection attempts against the agent.