River Memory

Store and semantically search text memories locally using Ollama with automatic management and optimization.

Summary of risks and next steps: - What this does: stores and semantically searches local text by calling your local Ollama instance (http://localhost:11434) and saving embeddings + content to a JSON memory file. - Main concerns: - index.js invokes the external 'curl' command via a shell (child_process.spawn with shell:true). This is an undeclared binary dependency and can be unsafe if inputs are not escaped, possibly enabling command injection in some scenarios. Prefer using an HTTP library instead of shelling out. - Inconsistent storage paths: Python files use ~/.openclaw/workspace/memory/vector-memory.json while index.js writes to ./memory/vector-memory.json. Decide which path is authoritative or you may end up with scattered memory files. - SKILL.md does not list the specific workspace files import_memories.py reads (MEMORY.md, SOUL.md, USER.md, IDENTITY.md). Those files can contain sensitive information; the importer will read and send their contents to the local Ollama service. - Metadata omitted required binary ('curl'); the registry shows no required binaries despite the code depending on one. - Recommendations before installing: 1. Inspect the workspace files listed in import_memories.py and remove or redact sensitive data you do not want indexed. 2. If you plan to use the Node component, ensure 'curl' is available or modify index.js to use a proper HTTP client (fetch/axios) to avoid shell usage. 3. Decide which memory file path you want and update the files to be consistent (or run only the Python or Node implementation, not both). 4. Run the skill in an isolated environment/container if you are unsure about privacy implications. 5. If you need more assurance, ask the author for a brief justification for using shell curl and for correcting the path/metadata inconsistencies. Given these implementation issues (undeclared dependency, shell usage, and path mismatch) the skill is suspicious rather than clearly benign. If you understand and accept the risks and can apply the recommended mitigations, the functionality itself appears local and not overtly malicious.

Type: OpenClaw Skill Name: river-memory Version: 1.0.0 The skill implements a local vector memory system using Ollama, but contains a significant security vulnerability in index.js where 'spawn' is used with 'shell: true' to execute curl commands, creating a potential path for command injection. Additionally, the bundle includes a script (import_memories.py) that automatically reads and indexes sensitive workspace files such as USER.md, IDENTITY.md, and SOUL.md; while this aligns with the stated purpose of a 'memory' system, the broad file access and the shell execution flaw warrant a suspicious classification.