← 返回 Skills 市场
120
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install openclaw-memory-kit
功能描述
Scaffold, sanitize, or share an OpenClaw multi-agent memory system with a reusable workspace, memory-lancedb-pro configuration, role prompts, task-board conv...
安全使用建议
This package is documentation-heavy and claims to scaffold a sanitized OpenClaw memory workspace, but it does not include the referenced bootstrap PowerShell script or any installer. Before running anything that writes files or installs npm packages: 1) ask the publisher for the bootstrap script source or view its full contents so you can inspect it; 2) do not paste or copy your live .env or secrets — follow the sanitization checklist; 3) run any generator or npm installs in an isolated directory or container and back up your existing OpenClaw state; 4) verify npm package names and versions against the official registry (and prefer pinned versions you trust); and 5) if you want to let the agent run commands, require explicit confirmation for each filesystem or network action. If the maintainer cannot provide the actual bootstrap script or an explicit install manifest, treat this skill as incomplete and avoid running ad-hoc scripts fetched from unverified sources.
功能分析
Type: OpenClaw Skill
Name: openclaw-memory-kit
Version: 0.2.1
The skill bundle provides a framework for scaffolding and sanitizing OpenClaw memory workspaces, which involves high-risk operations such as executing a PowerShell script (bootstrap-openclaw-memory.ps1), installing npm packages (memory-lancedb-pro), and modifying the filesystem (SKILL.md, references/generated-files.md). While the documentation (references/sanitization.md) demonstrates a strong focus on security by explicitly forbidding the copying of secrets, API keys, or personal data, the reliance on shell execution and package management constitutes a significant attack surface. No clear evidence of malicious intent or data exfiltration was found, but the capabilities are inherently risky.
能力评估
Purpose & Capability
The skill's stated purpose (scaffold/sanitize/share an OpenClaw memory workspace) matches the included documentation and role prompts. However, it promises a generator script (scripts/bootstrap-openclaw-memory.ps1) and runtime behavior (write state-local npm packages) while the package contains only docs and no bootstrap script or installer code — an inconsistency between claimed capability and delivered artifacts.
Instruction Scope
SKILL.md tells the agent (or user) to run a PowerShell bootstrap script, create and overwrite files under a target root, and optionally install npm plugins. Those actions modify local filesystem state and fetch packages over the network. The core problem: the instructions reference a script file that is not present in the skill bundle, leaving ambiguity about where the executable logic lives and increasing the risk the user will execute an unvetted script obtained elsewhere.
Install Mechanism
There is no install spec (instruction-only), which is low-risk in principle. But the instructions expect npm package installs and a bootstrap script to run; because neither the script nor an install mechanism is included, the skill depends on the environment or external downloads the skill does not provide or document explicitly.
Credentials
The skill does not request environment variables, credentials, or config paths. The documentation explicitly warns not to copy secrets and to use placeholders, which aligns with the stated sanitization goal.
Persistence & Privilege
The skill is not force-included (always: false) and does not request elevated or persistent privileges. allow_implicit_invocation is enabled in agents/openai.yaml (normal for skills) but this is not by itself a red flag.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-memory-kit - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-memory-kit触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.1
Refresh the memory kit for OpenClaw 2026.3.23-2 compatibility and update the official Feishu plugin guidance.
v0.2.0
v0.2.0: Three cross-platform bootstrap scripts (PowerShell / Bash / Python). Separated platform scripts for Windows, macOS, and Linux instead of a single Python entry point.
元数据
常见问题
OpenClaw Memory Kit 是什么?
Scaffold, sanitize, or share an OpenClaw multi-agent memory system with a reusable workspace, memory-lancedb-pro configuration, role prompts, task-board conv... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 120 次。
如何安装 OpenClaw Memory Kit?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-memory-kit」即可一键安装,无需额外配置。
OpenClaw Memory Kit 是免费的吗?
是的,OpenClaw Memory Kit 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
OpenClaw Memory Kit 支持哪些平台?
OpenClaw Memory Kit 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 OpenClaw Memory Kit?
由 sune(@sora-mury)开发并维护,当前版本 v0.2.1。
推荐 Skills