Overkill Memory System
Author: Broedkrummen · v1.9.5
Total downloads: 651
Favorites: 0
Current installs: 0
Versions: 21
Install in OpenClaw
/install overkill-memory-system
Description
Provides a neuroscience-inspired 6-tier automated memory system with WAL protocol, semantic search, emotional tagging, and value-based retention for OpenClaw...
Security usage recommendations
This package contains a complete, locally runnable memory system and many helper modules, but its registry metadata understates what it needs. Before installing or enabling it:
1) Review install.sh and every script that writes to crontab or ~/.openclaw to see what will be created and scheduled.
2) Search the code for references to ACC_MODELS, AGENT_ID, ChromaDB, Ollama, Redis, fd, rg, and any network endpoints (Supermemory); these indicate credentials and binaries the system will use.
3) If you plan to run it, run it inside a contained environment (container or isolated user account) first; do not blindly export API keys into your global environment.
4) If you only want limited features, ask the author for a minimal configuration or disable cron/background sync and cloud backup.
5) Prefer setting required env vars locally and narrowly, and avoid giving broad credentials (cloud backups, LLM keys) unless you trust the source.
Finally, request the upstream source/homepage or a reproducible build/release; the package currently lists 'source: unknown' and no homepage, which makes verification harder.
Functional analysis
Type: OpenClaw Skill
Name: overkill-memory-system
Version: 1.9.5
The skill is classified as suspicious due to multiple critical vulnerabilities, primarily prompt injection vectors and potential remote code execution (RCE). User-controlled input (e.g., `content`, `fact`, `description`, `context`, `mitigation`, `task`, `notes`, `action`) is written directly into various markdown and JSON files (`SESSION-STATE.md`, `CRON-INBOX.md`, `diary/*.md`, `git-notes/index.json`, `ERRORS.md`, `LEARNINGS.md`, `FEATURE_REQUESTS.md`, `acc-state.json`, `habits.json`, `internal_state.json`, `reflections/*.json`). These files are explicitly designed to be read and interpreted by the AI agent (e.g., `ACC_STATE.md` is 'for prompt injection'), creating direct prompt injection vulnerabilities. Additionally, `acc-error-memory/scripts/calibrate-patterns.sh` and `acc-error-memory/scripts/haiku-screen.sh` execute external LLM CLI commands via `subprocess.run` using the `ACC_MODELS` environment variable. If `ACC_MODELS` can be controlled by an attacker, this leads to RCE. While the skill's stated purpose is benign, these vulnerabilities present significant attack surfaces.
Capability assessment
Purpose & Capability
The name/description (a local multi-tier memory system) is consistent with the shipped code (search, WAL, ChromaDB integration, spaced repetition, error-tracking modules). However the registry metadata claims no required env vars or binaries while the code and integration docs clearly depend on external tools and services: fd/rg for fast file search, ChromaDB/redis for vector/cache tiers, optional Ollama/OpenAI/Claude CLIs (ACC_MODELS) for LLM screening, AGENT_ID for multi-agent namespacing, and optional cloud backup (Supermemory). The skill legitimately needs many of these — but they should be declared. The lack of declared requirements is an incoherence and increases risk.
Instruction Scope
SKILL.md and many subdocs/scripts instruct the agent to read and write many files under ~/.openclaw (diary, daily logs, memory dirs, .learnings, git-notes), run cron jobs (background maintenance, periodic analyses), and invoke external CLIs (LLM commands via ACC_MODELS, fd/rg, rg JSON parsing). The instructions also show code that will walk user memory directories and ingest transcripts. Those actions are plausible for a memory system, but they give broad file access and persistent background activity. The runtime instructions are specific (cron entries, install.sh, scripts) — they are not limited or sandboxed, and they reference environment variables not declared in the registry.
Install Mechanism
Registry lists 'instruction-only' (no install spec), but the package includes several install scripts (e.g., acc-error-memory/install.sh) and many shell scripts that set up cron jobs and create state under the user's home (~/.openclaw). There is no single verified package repository or signed release; code will live on disk and contains many shell invocations and subprocess.run calls. While there are no external download URLs in the manifest, the included install scripts could modify crontab and write persistent files — a moderate install risk that should be manually audited before execution.
Credentials
The skill metadata declares no required environment variables, but the code/docs expect several: ACC_MODELS (LLM CLI commands), AGENT_ID (namespacing for ChromaDB), ChromaDB/OLLAMA/OpenAI credentials or settings (mentioned in .env example), and likely cloud backup credentials for 'Supermemory'. The code also expects fd/rg on PATH and may expect Redis/ChromaDB storage. Requiring LLM CLIs and cloud backup credentials is reasonable for some features, but the omission from the declared requirements is a serious mismatch and could lead to accidental credential exposure if users export keys without realizing.
Persistence & Privilege
always:false (no forced presence), but the package explicitly supports and documents setting cron jobs (install.sh --with-cron, ACC pipeline scheduled 3x/day) and persistent directories under the user's home. This is expected for an agent memory system (background sync, WAL flush), but it is persistent: cron tasks and files will remain and run outside immediate user actions. Because persistent background tasks are present but not highlighted in registry metadata, treat this as notable and audit install scripts before enabling cron.
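How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: `/install overkill-memory-system`
- Once installation completes, call the Skill by name or use `/overkill-memory-system` to trigger it
- Provide the required inputs according to the Skill's parameter documentation to get structured output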
Version history
v1.9.5
- Removed platform posts tracking functionality and associated files.
- Updated documentation to reflect version downgrade from 2.0.0 to 1.9.3.
- SKILL.md now matches feature availability for 1.9.x (platform post features no longer mentioned).
- Cleaned up code and metadata to reflect the removal of platform post support.
v2.0.0
v2.0.0 - Major release! Platform post tracking, full multi-agent support, all features integrated
v1.9.4
- Bump version to 1.9.4 in metadata.
- No code or documentation changes; this release updates only the version in _meta.json.
v1.9.3
v1.9.3 - SKILL.md update
v1.9.2
v1.9.2 - Documentation update
v1.9.1
v1.9.1 - Documentation update, version bump
v1.9.0
v1.9.0 - Multi-agent support with shared + private ChromaDB areas, self-reflection, self-improving, file search, knowledge graph
v1.4.0
v1.4.0 - Brain-Full architecture with 6 brain regions: Hippocampus, Amygdala, VTA, Basal Ganglia, Insula, ACC. Added habits, internal state, diary search, strategy notes.
v1.3.0
v1.3.0 - Speed-first architecture with ~5ms average query time, hybrid neuroscience, error learning, vestige integration
v1.2.0
v1.2.0 - Added acc-error-memory integration for error pattern tracking and correction learning
v1.1.6
v1.1.6 - Added security section explaining when network access occurs based on env vars
v1.1.5
v1.1.5 - Fixed env declarations in metadata, added on-import side effects warning, clarified cloud features require API keys
v1.1.4
v1.1.4 - Fixed .env.example, added env declarations to metadata, added prerequisites section to docs clarifying what's core vs requires setup
v1.1.3
v1.1.3 - Added commands.bash=true to enable bash commands
v1.1.2
v1.1.2 - Added .env.example with all environment variables. Updated documentation to clarify cloud integration requirements.
v1.1.1
v1.1.1 - Bug fixes. Command Center framework removed (separate project).
v1.1.0
v1.1.0 - Added 10+ speed optimizations: L1 Cache, Parallel Query, Redis Hot Cache, Result Caching, Binary Search, Connection Pooling, Bloom Filters, Pre-fetch Context, Lazy Loading, Pre-computed Embeddings. Cloud with daily sync. Command Center framework included.
v1.0.3
Added cloud section, renamed framework file, updated credits to Broedkrummen
v1.0.2
Added overkill-memory-system.md framework document
v1.0.1
Added mem0 to credits
Metadata
FAQ
What is Overkill Memory System?
Provides a neuroscience-inspired 6-tier automated memory system with WAL protocol, semantic search, emotional tagging, and value-based retention for OpenClaw... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 651 cumulative downloads to date.
How do I install Overkill Memory System?
Run the command "/install overkill-memory-system" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.
Is Overkill Memory System free?
Yes, Overkill Memory System is completely free (free and open source) and can be freely downloaded, installed and used.
Which platforms does Overkill Memory System support?
Overkill Memory System is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Overkill Memory System?
It is developed and maintained by Broedkrummen (@broedkrummen); the current version is v1.9.5.