← 返回 Skills 市场
fatcatmaofei

Enhanced Memory

作者 fatcatMaoFei · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
481
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-enhanced-memory
功能描述
An enhanced memory system for OpenClaw agents that replaces the default single-file MEMORY.md with a complete memory architecture: hierarchical directory org...
安全使用建议
This skill is coherent with its stated goal, but review and adapt before installing: 1) Fix the MEMORY path mismatch — memory_lifecycle_manager.py and memory_retrieval_strategy.py use /home/clawdbot/.openclaw/workspace/memory while memory_tag_search.py looks in a relative scripts/memory directory; decide which path is correct and update scripts to the same, configurable location. 2) Verify permissions and owner of the chosen memory directory — these scripts will read, copy, and remove (unlink) files in that directory; run them in a safe/test workspace first. 3) Note the lifecycle script copies files to archived/ then deletes the original from active dirs (so active copies are removed) — if you truly need originals preserved in-place, change the behavior. 4) Search the code for any absolute paths or name lists you don't expect (the retrieval regexes include many personal name patterns) and adjust. 5) Run the scripts locally in a sandbox or with a backup of your memory files before enabling cron or automated runs. If you want a more confident recommendation, provide the host environment layout (where your agent stores memory) so I can check exact path compatibility and a short sample of your memory directory structure.
功能分析
Type: OpenClaw Skill Name: openclaw-enhanced-memory Version: 1.0.0 The skill bundle is classified as suspicious due to a shell injection vulnerability against the OpenClaw agent. The `SKILL.md` file instructs the agent to execute Python scripts (`scripts/memory_retrieval_strategy.py` and `scripts/memory_tag_search.py`) by directly embedding user-provided queries into shell commands. If the agent does not sanitize user input before constructing these commands, an attacker could inject arbitrary shell commands (e.g., `python3 scripts/memory_retrieval_strategy.py "What did I eat yesterday? && rm -rf /"`), leading to remote code execution on the agent's host. While the Python scripts themselves handle their arguments safely and do not contain malicious logic, the instructions provided to the agent create a critical vulnerability.
能力评估
Purpose & Capability
Name/description match the code: all scripts implement filesystem-based memory organization, tag search, retrieval, and lifecycle management. No network calls or unrelated binaries/credentials are requested.
Instruction Scope
SKILL.md instructs the agent and operator to read/write/manage a memory directory and to run the included scripts. The scripts access and modify files on disk (archive, copy, delete original), which is expected, but the instructions are permissive about file locations and cron setup and do not tell users to verify or adapt hard-coded paths.
Install Mechanism
Instruction-only with bundled Python scripts (no external installs, no network downloads). Risk from installation is low, but runtime writes/reads are the main surface.
Credentials
No env vars or credentials required (good), but scripts use a hard-coded absolute path (MEMORY_BASE = /home/clawdbot/.openclaw/workspace/memory) in two scripts while the tag search script uses a relative ./memory path next to the script — this inconsistency could cause scripts to operate on different directories or unexpectedly access a host user's home directory.
Persistence & Privilege
Skill does not request always: true and does not modify other skills. However, it will read, copy, and remove files under the memory directory (file_path.unlink()), so it requires filesystem read/write/delete privilege over whatever memory path is used. That is normal for a memory manager but you should confirm the path and permissions.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install openclaw-enhanced-memory
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /openclaw-enhanced-memory 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release - Hierarchical tagged memory system with lifecycle management
元数据
Slug openclaw-enhanced-memory
版本 1.0.0
许可证
累计安装 2
当前安装数 2
历史版本数 1
常见问题

Enhanced Memory 是什么?

An enhanced memory system for OpenClaw agents that replaces the default single-file MEMORY.md with a complete memory architecture: hierarchical directory org... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 481 次。

如何安装 Enhanced Memory?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-enhanced-memory」即可一键安装,无需额外配置。

Enhanced Memory 是免费的吗?

是的,Enhanced Memory 完全免费(开源免费),可自由下载、安装和使用。

Enhanced Memory 支持哪些平台?

Enhanced Memory 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Enhanced Memory?

由 fatcatMaoFei(@fatcatmaofei)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论