← 返回 Skills 市场

pinecone-memory

Name: pinecone-memory
Author: chenni666

作者 chenni666 · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ⚠ suspicious

129

总下载

当前安装

版本数

在 OpenClaw 中安装

/install pinecone-memory

功能描述

将 OpenClaw 记忆系统接入 Pinecone 向量数据库，用于语义检索与记忆持久化。Use when: 用户要求同步记忆到 Pinecone、执行语义搜索、为记忆做云端备份、对大规模记忆进行高效检索。

安全使用建议

What to check before installing and running this skill: - Metadata mismatch: the registry metadata claims no required env vars, but the SKILL.md and code require PINECONE_API_KEY and Node.js. Assume PINECONE_API_KEY is required until the registry entry is corrected. - Install safely: run npm install in an isolated environment if you need to install dependencies. Review package.json (it depends on @pinecone-database/pinecone) and prefer installing in a controlled environment (container, VM) first. - Test with non-production credentials: use a throwaway Pinecone API key and a non-production index/namespace when you first run check/sync/heartbeat/cleanup. - Inspect default paths: by default the tool reads MEMORY.md and recursively reads the 'memory' folder — ensure these paths don't include sensitive files. If you pass custom paths, validate them carefully. - Be careful with destructive commands: cleanup deletes namespace data; restore/write operations modify your index. Don’t run cleanup/restore against production namespaces without backups and explicit confirmation. - Local artifacts: the tool writes .pinecone-memory-state.json and JSONL backups. Ensure these files are stored securely (they may contain excerpts of your memories) and exclude them from public repos. - Review code if you need higher assurance: the included tools/pinecone-memory.mjs is readable; if you are not comfortable, have a developer audit network calls and confirm there are no hidden endpoints beyond the Pinecone SDK usage. If you want, I can: - Summarize the remainder of tools/pinecone-memory.mjs (file was truncated in the manifest) and look specifically for network calls or surprising behavior, or - Produce a short checklist/command sequence to safely try this skill in a sandboxed environment.

功能分析

Type: OpenClaw Skill Name: pinecone-memory Version: 1.0.1 The skill is a legitimate utility for integrating Pinecone as a semantic memory backend for OpenClaw. It includes proactive security features such as the `redactSensitive` function in `tools/pinecone-memory.mjs` to strip API keys and passwords from text before syncing. The code follows the stated purpose of document synchronization, querying, and health monitoring using the official Pinecone SDK, with no evidence of data exfiltration to unauthorized endpoints or malicious execution.

能力标签

crypto

能力评估

ℹ Purpose & Capability

The skill's stated purpose (persist OpenClaw memory to Pinecone and perform semantic search) aligns with the code and CLI commands: it reads local markdown memory, chunks/redacts text, and upserts/queries a Pinecone index. However the registry metadata provided earlier shows no required env vars or binaries while the SKILL.md (and the code) require Node and PINECONE_API_KEY — that metadata mismatch is an incoherence you should resolve before trusting the skill.

⚠ Instruction Scope

Runtime instructions (SKILL.md) explicitly tell the agent to run node tools/pinecone-memory.mjs with paths like MEMORY.md and 'memory' (a directory). The tool will read arbitrary markdown files under given paths, write a local state file (.pinecone-memory-state.json), write backup JSONL files, and can perform destructive operations (cleanup). Reading local files is expected for a memory-sync tool, but that means the skill will process any files in the supplied paths — if those contain secrets the tool may see them (it tries to redact API keys/tokens/passwords, but redaction is heuristic). The instructions are prescriptive (explicit commands) but grant broad file-read scope via default paths and recursive directory walk; that increases risk if the agent or user accidentally points it to sensitive locations.

ℹ Install Mechanism

Registry shows no install spec (instruction-only), which is lower risk for automatic writes. But the package.json declares a dependency on @pinecone-database/pinecone and Node.js is required; the README/SETUP instructs running npm install. That means installing this skill in practice will fetch an npm package from the public registry — a moderate-risk action (normal for such a tool). There is no remote arbitrary archive download or obscure URL usage in the files provided.

⚠ Credentials

The SKILL.md metadata and code require PINECONE_API_KEY (primary credential) and the code uses it to construct a Pinecone client. That is proportionate to the described purpose. However the registry metadata supplied with the skill bundle incorrectly lists no required env vars — this discrepancy is important to surface: the skill will fail without PINECONE_API_KEY and you should not rely on the registry's empty 'required env' claim. No other secrets (AWS keys, DB creds) are requested in the files provided.

✓ Persistence & Privilege

The skill is not always-enabled and does not request special platform-level privileges. It writes its own state file (.pinecone-memory-state.json), backup JSONL, and suggests cron/heartbeat jobs (user-run). It can perform destructive operations on the target Pinecone namespace (cleanup) which is expected for an index management tool but means you should avoid running cleanup in production namespaces/with production API keys without explicit confirmation.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install pinecone-memory
安装完成后，直接呼叫该 Skill 的名称或使用 /pinecone-memory 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.1

- Major refactor: simplified and modularized Pinecone memory skill with a new command-line tool. - Added new tools: check, sync, query, stats, heartbeat, cleanup, backup, and restore (all in tools/pinecone-memory.mjs). - Integrated heartbeat for health check and automated write verification. - Improved, clearer SKILL.md and SETUP.md with concise usage and command examples. - Dropped legacy setup.md/skill.md; restructured documentation and metadata in SKILL.md. - Incremental sync, enhanced error reporting, and structured ID/metadata strategy now standard.

v1.0.0

- Initial release: integrates OpenClaw memory system with Pinecone for scalable semantic retrieval and persistent cloud backup. - Supports upserting and querying structured memory records with namespace and metadata filtering. - Provides robust data modeling standards, write/read consistency strategies, and safety filters for sensitive data. - Detailed trigger, usage, and storage rules for conversation memory, project knowledge, user preferences, and more. - Includes example record/data schemas and configuration samples for easy setup.

元数据

Slug pinecone-memory

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题

pinecone-memory 是什么？

将 OpenClaw 记忆系统接入 Pinecone 向量数据库，用于语义检索与记忆持久化。Use when: 用户要求同步记忆到 Pinecone、执行语义搜索、为记忆做云端备份、对大规模记忆进行高效检索。它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 129 次。

如何安装 pinecone-memory？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install pinecone-memory」即可一键安装，无需额外配置。

pinecone-memory 是免费的吗？

是的，pinecone-memory 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

pinecone-memory 支持哪些平台？

pinecone-memory 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 pinecone-memory？

由 chenni666（@chenni666）开发并维护，当前版本 v1.0.1。