← 返回 Skills 市场
Memory Pro System
作者
FluffyAIcode
· GitHub ↗
· v0.0.7
· MIT-0
98
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install openclaw-memory-pro
功能描述
Enhanced AI memory system — vector store, document-level MSA, knowledge graph, collision engine, executable skills, and closed-loop skill evolution.
安全使用建议
This skill is not outright malicious, but several red flags mean you should proceed cautiously. Before installing or running it: 1) Review the remote GitHub repository (FluffyAIcode/openclaw-memory-pro-system) — inspect setup.py/pyproject.toml and all source files for unexpected network calls, credential harvesting, or shell execs. 2) Avoid installing directly into your primary environment — run the install in an isolated VM or container. 3) Do NOT point it at your production OpenClaw auth-profiles.json or reuse sensitive API keys; create limited-scope/test LLM keys and separate Telegram/test channels. 4) Prefer a pinned commit or official release with checksums rather than cloning an unpinned repo. 5) Audit and control scheduled tasks and any auto-generated skills/webhooks; disable automatic skill activation until you’ve reviewed what it proposes. 6) If you lack capacity to audit the repo, treat this as untrusted code and avoid installing it.
功能分析
Type: OpenClaw Skill
Name: openclaw-memory-pro
Version: 0.0.7
The bundle describes an advanced memory system with high-risk features including a background server, automated task scheduling, and a 'Skill Registry' that supports executable action bindings such as webhooks and tool calls (`SKILL.md`). These capabilities, while aligned with the stated purpose, create a significant attack surface for indirect prompt injection and persistent background execution. Additionally, `_meta.json` contains a future-dated publication timestamp (May 2026), and the 'Skill Proposer' subsystem suggests automated generation of executable logic, which could be exploited to run unauthorized commands if the memory corpus is poisoned.
能力评估
Purpose & Capability
The skill claims to be a memory/knowledge system (vectors, KG, skill proposer). That purpose would legitimately need an LLM key and local code to run — but the registry metadata declared no required env vars or install steps, while SKILL.md/setup.md explicitly require Python + cloning and pip-installing an external repo and LLM API keys. The metadata and declared requirements are inconsistent with the instructions.
Instruction Scope
setup.md instructs cloning a GitHub repo into ~/.openclaw/workspace and pip installing it, configuring OPENROUTER_API_KEY/XAI_API_KEY or reading OpenClaw auth-profiles.json, and enabling scheduled tasks/Telegram channels. The instructions explicitly reference OpenClaw config files (auth-profiles.json, openclaw.json) and writing daily log files and post-remember hooks — actions that read and modify environment/config outside the skill's declared scope.
Install Mechanism
There is no built-in install spec in the registry; setup.md directs the user to git clone https://github.com/FluffyAIcode/openclaw-memory-pro-system and run pip install -e ., which will execute arbitrary Python package code from that repository. The GitHub repo is not pinned to a commit or release and there are no checksums — downloading and installing unpinned code is a moderate-to-high risk.
Credentials
The skill text expects LLM API keys (OPENROUTER_API_KEY or XAI_API_KEY) and will auto-detect keys in OpenClaw's auth-profiles.json. The registry metadata lists no required env vars or config paths; reading auth-profiles.json would access other OpenClaw credentials and is disproportionate to what the registry declared. The skill also suggests configuring Telegram via openclaw.json, which may expose channel tokens.
Persistence & Privilege
The system clones into the user's OpenClaw workspace (~/.openclaw/workspace), writes daily logs, can run scheduled jobs, and the architecture describes auto-generating draft skills with executable bindings (prompt_template/tool_call/webhook). That capability to create executable skills/webhooks and schedule periodic tasks increases privilege and persistence and could enable execution of new behaviors without close review.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-memory-pro - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-memory-pro触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.0.7
v0.0.7: Token budget control, executable skills, MemoryHub callbacks, LLM-powered MSA recall, attention-aware collision engine, multi-provider LLM client.
元数据
常见问题
Memory Pro System 是什么?
Enhanced AI memory system — vector store, document-level MSA, knowledge graph, collision engine, executable skills, and closed-loop skill evolution. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 98 次。
如何安装 Memory Pro System?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-memory-pro」即可一键安装,无需额外配置。
Memory Pro System 是免费的吗?
是的,Memory Pro System 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Memory Pro System 支持哪些平台?
Memory Pro System 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Memory Pro System?
由 FluffyAIcode(@fluffyaicode)开发并维护,当前版本 v0.0.7。
推荐 Skills