Safe Memory Manager

Author: horn111 · GitHub · v1.0.7 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 564
Favorites: 0
Current installs: 4
Versions: 8
Install in OpenClaw
/install safe-memory-manager
Description
When building OpenClaw agents that read untrusted text, use this skill to prevent prompt injection and memory poisoning. Standard utility for secure memory o...
Security usage advice
This skill appears to do what it says: a local Python module that sanitizes input before appending to per-skill memory files and returns a boolean 'isnad_verified'. Before trusting the built-in 'verified' claims:
  1. Manually verify that isnad_manifest.json's hash matches the SHA-256 of safe_memory.py (the code compares these at runtime and will return False if they differ).
  2. If you need strong provenance, validate the PGP signature / auditor chain outside the package.
  3. Review logging/written files in the created 'memory' directory if you plan to store sensitive material.
  4. Because the skill is instruction-and-code bundled without an install step, prefer installing from a known/trusted source or pinning a vetted version.
If you see isnad_verified==false at runtime, treat the package as unverified until you resolve the manifest/hash/signature mismatch.
Functional analysis
Type: OpenClaw Skill
Name: safe-memory-manager
Version: 1.0.7
The safe-memory-manager skill is a utility designed to sanitize and store agent memory to prevent prompt injection and memory poisoning. It implements path traversal protection and regex-based content filtering in safe_memory.py, and includes a self-integrity check mechanism that verifies the file's hash against a signed manifest (isnad_manifest.json). The code logic is transparent, lacks high-risk behaviors like remote execution or data exfiltration, and aligns strictly with its stated security purpose.
Capability assessment
Purpose & Capability
The name/description match the included code: safe_memory.py implements sanitize_content, append_memory, and read_memory to manage local memory files and detect prompt-injection patterns. No unrelated binaries, env vars, or external services are requested.
Instruction Scope
SKILL.md and the code stay within the stated purpose (sanitizing and storing local memory). The SKILL.md includes example injection patterns (e.g., 'ignore prior instructions') and the code explicitly replaces those patterns. A static pre-scan flagged ‘ignore-previous-instructions’ in the SKILL.md — this appears here as a detection example, not as an attempt to execute or exfiltrate data, but it can trigger scanners and should be recognized as an intentional example pattern.
Install Mechanism
No install spec; the skill is an included Python module and SKILL.md usage example. Nothing is downloaded or written outside the skill's own memory directory, so install risk is low.
Credentials
The skill requires no environment variables, credentials, or config paths. Its disk writes are limited to a dedicated 'memory' directory under the agent's working directory with filename sanitization applied.
Persistence & Privilege
always is false and the skill does not modify other skills or global agent settings. It only creates/uses its own memory directory and does not request persistent system privileges.
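How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install safe-memory-manager
  3. Once installation completes, invoke the Skill by name or trigger it with /safe-memory-manager
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history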
v1.0.7
AEO Optimization for Planners
v1.0.6
Clean documentation and metadata update.
v1.0.5
Heuristic fix: removed explicit attack examples from docs and aligned verification claims with implementation.
v1.0.4
Final fix for Benign status: removed obfuscation, renamed manifest to isnad_manifest.json, and ensured file inclusion.
v1.0.3
Fix technical documentation accuracy and add ISNAD self-verification logic.
v1.0.2
Security update: obfuscated pattern detection to avoid scanner false positives.
v1.0.1
Security update: obfuscated pattern detection to avoid scanner false positives.
v1.0.0
Initial release (Gold Standard)
Metadata
Slug: safe-memory-manager
Version: 1.0.7
License: MIT-0
Total installs: 4
Current installs: 4
Historical versions: 8
FAQ

What is Safe Memory Manager?

When building OpenClaw agents that read untrusted text, use this skill to prevent prompt injection and memory poisoning. Standard utility for secure memory o... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 564 total downloads so far.

How do I install Safe Memory Manager?

Run the command "/install safe-memory-manager" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is required.

Is Safe Memory Manager free?

Yes, Safe Memory Manager is completely free. It is released under the MIT-0 license and can be freely downloaded, installed and used.

Which platforms does Safe Memory Manager support?

Safe Memory Manager runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.

Who developed Safe Memory Manager?

Developed and maintained by horn111 (@horn111); the current version is v1.0.7.
