memory-system

OpenClaw 长期记忆管理系统。提供结构化记忆、向量记忆、语义搜索功能。Use when: 用户需要 AI 记住长期上下文、偏好、决策，或需要从记忆中进行语义搜索。

This skill mostly does what it says (archives local markdown memories into Postgres and performs vector/semantic search), but there are several red flags you should address before installing or running it on sensitive data: - The scripts assume psql and curl are available and a local embedding service at http://localhost:11434; those requirements are not declared. Ensure you understand and control those services. - The code hardcodes the DB username ('damien') and ports; it lacks environment-variable configuration. Prefer changing the scripts to accept DB credentials via secure env vars or a config file before use. - The archiver reads ~/.openclaw/workspace/memory and will import file contents into a database. Only run it if you trust the source and the destination DB. If the local embedding service proxies requests externally, your data could be sent outside your machine. - The import uses naive string interpolation to build SQL passed to psql; this is brittle and could lead to SQL quoting issues or injection-like problems for unusual content. Use parameterized inserts or a DB client library instead. If the author can (a) declare required binaries/env vars, (b) make DB and embedding endpoints configurable through env vars, and (c) fix SQL parameterization, the skill would be much safer. Until then, run it in a controlled/non-sensitive environment and review/modify the scripts yourself.

Type: OpenClaw Skill Name: openclow-memory Version: 1.0.0 The skill bundle contains significant security vulnerabilities, specifically SQL and shell injection risks in `scripts/memory_manager.py` and `scripts/memory_search.py`. These scripts construct command-line strings for `psql` using f-strings and unsanitized file content or user input, which could be exploited if the agent processes untrusted data. While the behavior aligns with the stated purpose of local memory management and no evidence of intentional exfiltration or remote backdoors was found, the poor security practices and hardcoded local environment details (user 'damien') warrant a suspicious classification.