← 返回 Skills 市场
MemSync Dual Memory System
作者
anthony stachowitz
· GitHub ↗
· v1.2.6
738
总下载
0
收藏
0
当前安装
7
版本数
在 OpenClaw 中安装
/install openclaw-memvid-logger
功能描述
Logs all OpenClaw conversations and events with role tags, saving to JSONL and Memvid for full context search and monthly sharded or single-file storage.
安全使用建议
This skill is internally consistent with its stated purpose (a comprehensive conversation logger), but it intentionally captures a lot of sensitive data. Before installing: 1) Review tools/log.py and install.sh line-by-line so you understand exactly what is logged and where files are created. 2) Prefer local/sharding modes if you do not trust memvid.com; only set MEMVID_API_KEY if you accept remote storage. 3) Secure log files (chmod 600) and consider storing them on an encrypted filesystem. 4) Avoid adding unknown environment changes to system-wide files (/etc/environment) unless you know the consequences; the installer only offers to edit your user .bashrc. 5) Audit the memvid CLI package (npm) and the memvid service privacy policy if you plan to use API mode. 6) If you have high-security data or run tools that may output secrets, do not enable this skill or filter sensitive outputs before they reach the logger. If you want a safer test, run the logger in a sandboxed account with no credentials and verify behavior with the included tests.
功能分析
Type: OpenClaw Skill
Name: openclaw-memvid-logger
Version: 1.2.6
The skill is classified as suspicious due to its inherent high-risk capabilities, specifically logging 'everything' (user messages, assistant responses, sub-agent conversations, tool outputs, system events) and executing an external binary (`memvid`) via `subprocess.run`. While the project is exceptionally transparent about these behaviors, explicitly warning users in `SKILL.md`, `README.md`, and `claw.json` about broad data capture, sensitive data risk, and optional cloud data transfer to `memvid.com` (if `MEMVID_API_KEY` is set), the core functionality involves handling and potentially transmitting highly sensitive information. The `install.sh` script also performs significant actions like global `npm install` and modifying `~/.bashrc`, albeit with user prompts. There is no evidence of malicious intent, hidden exfiltration to unauthorized endpoints, or deceptive prompt injection; all risky actions are clearly documented as part of the skill's purpose. The primary concern is the inherent risk of logging all agent interactions and the reliance on an external binary, which could be a vulnerability point if the `memvid` CLI itself were compromised or exploited.
能力评估
Purpose & Capability
Name/description match the implementation: the package contains a logger (tools/log.py), an installer script, and docs describing JSONL + Memvid outputs. Requiring the memvid CLI (npm) and file write/exec permissions aligns with the described functionality. The optional MEMVID_API_KEY for cloud mode is documented as optional.
Instruction Scope
Runtime instructions and install.sh explicitly state the skill will capture 'everything' (user messages, assistant responses, sub-agents, tool outputs, system events) and will run on each assistant response via OpenClaw hooks. The Python code logs the JSON message it receives and calls memvid; it does not independently read arbitrary files or environment variables, but it will record tool outputs and any data provided to the logger. The SKILL.md suggests /etc/environment for persistence (a privileged path) but the installer only writes to the user's .bashrc when asked. This scope is wide but documented; review tools/log.py to confirm what you want logged.
Install Mechanism
There is no formal install spec in registry metadata, but the bundle includes install.sh and instructions to git clone the repository and run npm install -g memvid. Installing memvid via npm is a normal dependency but is a moderate-risk step (third-party package install). No downloads from untrusted shorteners or personal IPs are present; install.sh copies files locally and optionally edits .bashrc.
Credentials
The skill requests no required environment variables or credentials in the registry metadata; MEMVID_API_KEY is optional for cloud mode. The environment access it does use (JSONL_LOG_PATH, MEMVID_PATH, MEMVID_BIN, MEMVID_MODE) is proportional to a logging/memory skill. However, because the skill deliberately logs 'everything', any secrets present in conversations or tool outputs may be captured; that privacy risk is intrinsic to the feature and is repeatedly documented in the SKILL.md.
Persistence & Privilege
always:false and default autonomous invocation are appropriate for a logger that hooks into message_out. The installer optionally writes env vars to the user's .bashrc but does not automatically require system-wide changes. The skill does not attempt to modify other skills or system-wide configurations beyond what it documents.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install openclaw-memvid-logger - 安装完成后,直接呼叫该 Skill 的名称或使用
/openclaw-memvid-logger触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.2.6
Changelog for v1.2.5 (2026-02-22)
Fixed
• Memvid Tag Format: Updated build_tags() to use KEY=VALUE format for Memvid 2.0+ compatibility
• Old: --tag "user,telegram" (comma-separated) — broken
• New: --tag "role=user" --tag "source=telegram" (multiple flags) — fixed
• Fixes "invalid value for --tag" error
Changed
• Documentation - Environment Variables: Added clear instructions to use /etc/environment instead of .bashrc/.profile
• OpenClaw runs as a background service and doesn't inherit shell profiles
• System-wide environment via /etc/environment is required
• Documentation - Hook Format: Clarified that OpenClaw 2026.2.12+ requires JavaScript (.js) handlers, not TypeScript (.ts)
• Documentation - Troubleshooting: Added comprehensive troubleshooting section covering:
• Environment variables not persisting
• Hook registered but not logging
• Memvid tag format errors
• Free tier limits
• Full diagnostic checklist
Compatibility
• Verified with OpenClaw 2026.2.12
• Verified with Memvid CLI 2.0+
v1.2.5
Changelog for v1.2.5 (2026-02-22)
Fixed
• Memvid Tag Format: Updated build_tags() to use KEY=VALUE format for Memvid 2.0+ compatibility
• Old: --tag "user,telegram" (comma-separated) — broken
• New: --tag "role=user" --tag "source=telegram" (multiple flags) — fixed
• Fixes "invalid value for --tag" error
Changed
• Documentation - Environment Variables: Added clear instructions to use /etc/environment instead of .bashrc/.profile
• OpenClaw runs as a background service and doesn't inherit shell profiles
• System-wide environment via /etc/environment is required
• Documentation - Hook Format: Clarified that OpenClaw 2026.2.12+ requires JavaScript (.js) handlers, not TypeScript (.ts)
• Documentation - Troubleshooting: Added comprehensive troubleshooting section covering:
• Environment variables not persisting
• Hook registered but not logging
• Memvid tag format errors
• Free tier limits
• Full diagnostic checklist
Compatibility
• Verified with OpenClaw 2026.2.12
• Verified with Memvid CLI 2.0+
v1.2.4
openclaw-memvid-logger v1.2.4
- Default search guidance now recommends `--mode neural` for the most accurate semantic results
- Documentation updated to explain neural vs lexical search trade-offs (neural: ~200ms, lexical: ~8ms)
- Search mode policy clarified: use neural for understanding and context, lexical only when speed is critical
- Added GitHub issue and PR templates; removed outdated CONTRIBUTING/instructions files
- Internal structure and documentation improved for clarity, especially regarding performance and search accuracy
v1.2.3
openclaw-memvid-logger v1.2.3
- All files and documentation updated for version and feature consistency
- Added a comprehensive Security & Privacy Notice explaining data capture scope and user responsibility
- Improved security: uses generic (non-user-specific) paths, and install script now requests permission before actions
- Added registry metadata for environment variables, credentials, and warnings for enhanced transparency
- README and SKILL.md content are now matched and synchronized
- No code changes; update focuses on documentation, clarity, and compliance
v1.2.2
v1.2.2 - Security improvements and transparency
- Generic paths (no hardcoded user directories)
- Install script asks permission before modifying .bashrc
- Complete registry metadata (env vars, credentials, warnings)
- Comprehensive Security & Privacy Notice
- Clean version bump for fresh security audit
v1.2.1
v1.2.1 - Security improvements
- Removed hardcoded user paths
- Added install confirmation prompts
- Fixed package.json issues
- Generic file naming for portability
v1.2.0
**Unified Conversation Logger v1.2.0 – Full Context Edition**
- Adds role tagging for clearer distinction between user, assistant, agents, system, and tool messages.
- Expands logging to include full conversation context: sub-agent activity, tool results, and system/background events.
- Introduces three storage modes: single-file API mode (large archives), free mode (single file, 50MB), and monthly sharding (multiple files, free and perpetual).
- Enables semantic search across memory files using Memvid for natural language and tag-based queries.
- Simplifies configuration and usage with clear install steps and mode selection.
元数据
常见问题
MemSync Dual Memory System 是什么?
Logs all OpenClaw conversations and events with role tags, saving to JSONL and Memvid for full context search and monthly sharded or single-file storage. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 738 次。
如何安装 MemSync Dual Memory System?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install openclaw-memvid-logger」即可一键安装,无需额外配置。
MemSync Dual Memory System 是免费的吗?
是的,MemSync Dual Memory System 完全免费(开源免费),可自由下载、安装和使用。
MemSync Dual Memory System 支持哪些平台?
MemSync Dual Memory System 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 MemSync Dual Memory System?
由 anthony stachowitz(@stackblock)开发并维护,当前版本 v1.2.6。
推荐 Skills