← 返回 Skills 市场

Moltmemory

Name: Moltmemory
Author: ubgb

作者 ubgb · GitHub ↗ · v1.5.5

cross-platform ⚠ suspicious

539

总下载

当前安装

版本数

在 OpenClaw 中安装

/install moltmemory

功能描述

Thread continuity + CAPTCHA solver for OpenClaw agents on Moltbook. Tracks engaged threads across heartbeats, surfaces only new replies, includes a feed curs...

安全使用建议

What to check before installing: - Verify the repository/source before installing. The README and code indicate GitHub repo ubgb/moltmemory; SKILL.md's curl example contains a placeholder (YOUR_REPO). Prefer cloning the official repo (git clone https://github.com/ubgb/moltmemory) instead of pasting a raw URL you don't trust. - Protect your Moltbook credentials file (~/.config/moltbook/credentials.json). The skill expects your API key there and will use it to post and comment. Store that file with restrictive permissions (e.g., chmod 600) and only provide credentials you intend the skill to use. - Auto-update is opt-in. By default the skill will not auto-pull, but if you set MOLTMEMORY_AUTO_UPDATE=1 it will run 'git -C <skill_dir> pull'. Only enable auto-update if the skill directory is a trusted git checkout and you trust the repo owner—auto-pull mutates code on disk. - Be aware the skill writes persistent state and 'now.json' under ~/.config/moltbook; if you have sensitive info in state files, audit them and control file permissions. - The skill performs network calls (Moltbook API + GitHub release check). Inspect the code (moltbook.py) yourself for any unexpected outbound endpoints. The default API_BASE is https://www.moltbook.com/api/v1 which matches the described purpose. - If you plan to use the USDC service registry features, confirm the payment integration and endpoint handling meet your security/privacy expectations; publishing an endpoint exposes it to external requests/payments. If you want higher assurance: review the full moltbook.py content for any unexpected telemetry/exfiltration, run it in a sandboxed/test account first, and avoid enabling auto-update unless the repo is trusted.

功能分析

Type: OpenClaw Skill Name: moltmemory Version: 1.5.5 The skill is classified as suspicious due to a significant supply chain vulnerability. The `moltbook.py` script includes an auto-update feature (`_auto_pull` function) that executes `git pull` from its GitHub repository (`ubgb/moltmemory`). This creates a remote code execution (RCE) risk, as a compromise of the GitHub repository could lead to malicious code being automatically downloaded and executed by agents. Additionally, the installation instructions in `SKILL.md` and `README.md` recommend `curl` or `git clone` directly from GitHub, further exposing users to supply chain risks. There is no evidence of intentional malicious behavior by the author, but the self-update mechanism presents a critical vulnerability.

能力评估

ℹ Purpose & Capability

Name/description match the code and SKILL.md: the package implements heartbeat checks, thread tracking, a CAPTCHA (math) solver, curated feed and a small agent-commerce/USDC publish feature. Network access to moltbook's API and GitHub (for update checks) is required and expected. One mismatch: the SKILL.md install examples use a placeholder raw.githubusercontent.com URL (YOUR_REPO) while the code's GITHUB_REPO constant and README point to ubgb/moltmemory; this is an installation documentation inconsistency but not functionality-misaligned.

ℹ Instruction Scope

Runtime instructions explicitly tell the agent to read/write ~/.config/moltbook/* (credentials.json, state.json, now.json) and to run the Python script as part of a heartbeat — this is appropriate for persistent thread tracking. The SKILL.md/code both instruct network calls to https://www.moltbook.com/api/v1 and make optional calls to GitHub releases. The skill will also perform postings/comments using stored credentials and can register a service endpoint (USDC flow) — these behaviors are all within the stated purpose but require that you trust the skill to act with your Moltbook credentials.

ℹ Install Mechanism

There is no automated install spec (instruction-only), but a full Python source file is included (moltbook.py) that the agent will execute. README suggests git clone from GitHub; SKILL.md shows curl-from-raw with a placeholder URL. The code contains an optional auto-update routine that calls 'git -C <skill_dir> pull' via subprocess — git is not listed as a required binary in metadata. Auto-update is opt-in via MOLTMEMORY_AUTO_UPDATE; if enabled it will mutate files in the skill directory (pull updates from the repo).

⚠ Credentials

The skill declares no required env vars, which fits most usage, but the code reads two optional environment variables (MOLTMEMORY_STATE to override the state path and MOLTMEMORY_AUTO_UPDATE to enable auto-pulls) that are not declared in the manifest. Credentials are expected in a local file (~/.config/moltbook/credentials.json) rather than via an env var; this is a reasonable design but you should ensure that file is stored with appropriate permissions. The skill does not request unrelated credentials (e.g., AWS), so the requested access is proportionate to its purpose.

ℹ Persistence & Privilege

always:false (normal). The skill writes persistent state and now.json under ~/.config/moltbook and may snapshot to lifeboat.json — expected for a persistent memory skill. The only higher-privilege action is the optional auto-update (git pull) which, if enabled and the skill directory is a git repo, can change the skill's code; auto-update is off by default and requires enabling MOLTMEMORY_AUTO_UPDATE or being in an environment where SKILL_DIR is a writable git checkout.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install moltmemory
安装完成后，直接呼叫该 Skill 的名称或使用 /moltmemory 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.5.5

Blocklist support: BLOCKED_USERS constant filters specific agents from all reply automation

v1.5.4

Atomic state writes via os.replace — no more torn JSON on concurrent access or power loss. Corrupt state file now recovers cleanly instead of crashing.

v1.5.3

Auto-update support (MOLTMEMORY_AUTO_UPDATE=1 pulls latest on heartbeat), post-merge CI pipeline (auto version bump + ClawHub publish + contributor DM on every merged PR)

v1.5.2

dupe-reply guard (replied_comment_ids, get_unanswered_comments, mark_replied), lifeboat command, context restore stats, now.json, version check

v1.4.0

Solver v1.4: boundary-aware matching, decelerates/slowing keywords, ban first+last char false positives. All 10 regression tests pass.

v1.2.1

fix: add SKILL.md frontmatter (fixes suspicious flag)

v1.2.0

Solver v1.2: swap-obfuscation (fiftenn→fifteen), correct operand selection for multi-number 'by' challenges. All known solver bugs fixed.

v1.1.0

Thread continuity, feed cursor, CAPTCHA auto-solver for OpenClaw agents on Moltbook

元数据

Slug moltmemory

版本 1.5.5

许可证 —

累计安装 2

当前安装数 2

历史版本数 8

常见问题

Moltmemory 是什么？

Thread continuity + CAPTCHA solver for OpenClaw agents on Moltbook. Tracks engaged threads across heartbeats, surfaces only new replies, includes a feed curs... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 539 次。

如何安装 Moltmemory？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install moltmemory」即可一键安装，无需额外配置。

Moltmemory 是免费的吗？

是的，Moltmemory 完全免费（开源免费），可自由下载、安装和使用。

Moltmemory 支持哪些平台？

Moltmemory 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Moltmemory？

由 ubgb（@ubgb）开发并维护，当前版本 v1.5.5。