site-memory

Persistent memory for repeated browser work. Use when an agent revisits the same sites or flows and should load a few relevant notes up front, then save dura...

What to consider before installing: - This skill will create and use a persistent directory (default ~/.site-memory) and read/write markdown notes there; run the provided init script to create it if you accept that. - The package bundles a Chrome DevTools Protocol helper that can connect to your running Chrome and interact with open tabs (including pages where you are logged in). That is coherent with a browser-memory tool but is sensitive — only enable/use it when you explicitly approve the agent to inspect your browser session. - The SKILL.md contains prompt templates and directs the agent to run 'after-action' LLM passes; those are normal for this skill but mean you should restrict which agent tools are allowed during those passes (platform enforcement is separate). - The code enforces that reads/writes stay inside the memory root; it does not exfiltrate data to remote hosts. Still, avoid storing secrets or session tokens in notes (the skill itself warns this). - If you do not want browser access, remove or ignore the vendor/chrome-cdp-skill directory or do not run the cdp scripts. If you plan to allow Chrome access, inspect vendor/chrome-cdp-skill/README.md and the cdp daemon code to understand prompts and the Allow-debugging modal behavior. If you'd like, I can produce a short checklist of actions to safely evaluate or sandbox this skill before granting it access (for example: review vendor cdp code paths, run the scripts in a temporary user account, or configure SITE_MEMORY_HOME to a non-default path).

Type: OpenClaw Skill Name: site-memory Version: 1.0.0 The site-memory skill bundle provides a structured framework for an AI agent to maintain persistent notes about websites to improve browser automation efficiency. It includes a bundled CDP (Chrome DevTools Protocol) tool in the vendor directory for interacting with live browser sessions. Security-positive indicators include explicit instructions in memory-phrasing.mjs for the agent to avoid storing secrets or personal data, and a path traversal check in memory-core.mjs (resolveMemoryPath) to ensure file operations remain within the designated memory root (~/.site-memory). The browser interaction capabilities are high-privilege but aligned with the stated purpose and require the user to manually enable remote debugging in Chrome.