← 返回 Skills 市场
68
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install memory-secretary-v1-0-1
功能描述
智能管理与优化记忆文件,提供质量检查、重复任务检测、成功案例提取、工作模式分析和智能提醒。
安全使用建议
This package is internally inconsistent: docs/tests reference many files and scripts that are not included, and the code—contrary to SKILL.md—creates and writes files under your workspace/memory. The README also tells users to force-install past VirusTotal warnings. Before installing, do the following: (1) inspect the full source yourself and confirm which files will be created under your workspace/memory and what they contain; (2) run the code in an isolated sandbox or VM with a backed-up test workspace (not your real memory data); (3) verify missing modules/scripts (smart_adaptive, daily_check, pilot_check, scripts/) — ask the author for a complete release or updated manifest; (4) do not use --force to bypass security warnings without code review; (5) if you proceed, point workspace_root to a dedicated test directory and check precisely what files are written. These contradictions are suspicious but do not prove intent to harm; require clarification or a corrected release.
功能分析
Type: OpenClaw Skill
Name: memory-secretary-v1-0-1
Version: 1.0.1
The skill bundle is classified as suspicious primarily due to instructions in README.md and CHANGELOG.md that explicitly advise users to ignore security warnings (VirusTotal) and use installation overrides (--force). While the core logic in src/memory_secretary_lite.py appears to be a benign tool for analyzing local markdown files using Python standard libraries, the use of social engineering to dismiss security alerts is a classic indicator of potentially harmful intent or hidden payloads. No direct evidence of data exfiltration or malicious execution was found in the provided files, but the attempt to undermine security tooling warrants caution.
能力评估
Purpose & Capability
The README/SKILL.md describe a local, read-only memory analysis tool with zero external deps, which roughly matches the core src/memory_secretary_lite.py. However __init__.py exports several modules (smart_adaptive, daily_check, pilot_check) and README/tests reference many scripts, config files and a 'scripts' directory that are not present in the package manifest. That mismatch (references to missing components) and the README/test expectations about workspace contents suggest the bundle is incomplete or expects external files in your workspace.
Instruction Scope
SKILL.md states the tool 'will not modify memory files' (read-only), yet the code initializes and creates a secretary_data_dir under the workspace/memory directory and saves reports (the quality check uses _save_report). The skill therefore writes files into your memory/ area despite claiming not to. Installation instructions (unzip into ~/.openclaw/skills/) are generic and the README encourages forcing install if VirusTotal flags it—this guidance is risky and inconsistent with 'from trusted source' practices.
Install Mechanism
No formal install spec is provided (instruction-only), but the package contains Python source and tests. The SKILL.md suggests manual unzip; there is no download URL in the manifest. Lack of an automated, verifiable install mechanism is not inherently malicious, but combined with the README's advice to use --force to bypass VirusTotal warnings increases risk.
Credentials
The skill declares no required credentials or env vars (good), but it accesses and writes under a workspace path (default '/home/admin/openclaw/workspace' or provided workspace_root). Tests and docs expect a 'memory' directory and 'scripts' — if those contain sensitive data, the skill will read them and it will also write report files under memory/secretary. The write behavior contradicts the claimed read-only scope and is disproportionate to the 'do not modify' assertion.
Persistence & Privilege
The skill does not request 'always: true' and uses normal autonomous invocation settings, which is fine. However it will create directories and persist reports under your workspace/memory, giving it persistent on-disk footprint. Combined with mismatches and the encouragement to bypass VirusTotal warnings, this persistent write access raises concern and warrants sandboxed testing before use.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install memory-secretary-v1-0-1 - 安装完成后,直接呼叫该 Skill 的名称或使用
/memory-secretary-v1-0-1触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- 新增功能说明文档 SKILL.md,详细介绍技能用途、核心功能、安装与使用方法
- 公开了六大核心功能,包括记忆质量管理、重复工作检测、成功案例提取等
- 明确了零外部依赖、小体积和快速部署等技术特点
- 提供了文件结构、测试方法及常见问题解答
- 更新日志中保留了 1.0.0 的基础变更描述
- 增加了支持与联系方式信息
元数据
常见问题
记忆秘书 是什么?
智能管理与优化记忆文件,提供质量检查、重复任务检测、成功案例提取、工作模式分析和智能提醒。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 68 次。
如何安装 记忆秘书?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install memory-secretary-v1-0-1」即可一键安装,无需额外配置。
记忆秘书 是免费的吗?
是的,记忆秘书 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
记忆秘书 支持哪些平台?
记忆秘书 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 记忆秘书?
由 yhm2084(@yhm2084)开发并维护,当前版本 v1.0.1。
推荐 Skills