Smart Memory

Persistent local cognitive memory for OpenClaw via a Node adapter and FastAPI engine.

This package appears to implement a full local memory runtime and mostly does what it says, but there are several elevated-risk items to review before installing and wiring it into a live agent: - Prompt injection: The SKILL.md recommends adding lines to your agent base prompt and using hooks that inject [ACTIVE CONTEXT] before model responses. That will change the model's system-level guidance; inspect/modify those lines to ensure they don't give unintended privileges or instructions. - Local file access: The integration/priming steps read local files (SOUL.md, USER.md, memory/YYYY-MM-DD.md and other workspace files). Confirm the allowlist/path restrictions and verify the server's code (search for any file-read code) so it doesn't access unintended system files. The changelog mentions path-traversal fixes and an allowlist, but you should validate those protections in the code shipped to you. - Remote code/model downloads: The Nomic embedder uses sentence-transformers with trust_remote_code=True and a nomic model — installing or instantiating this will download remote model artifacts and may execute code. If you must use this embedder, prefer a controlled environment (air-gapped or vetted model wheels) or use the deterministic hashing embedder fallback. - Post-install scripts: Review postinstall.js, install.sh, and smem-hook.sh before running npm/pip install. Run installs inside an isolated virtualenv or container and avoid running as root. - Run in isolation first: Start the memory service in a container or VM with mounted data volumes you control, and verify network activity before connecting it to production agents. Monitor the service's outgoing network calls during model downloads and runtime. - If you plan to auto-wire this into an agent's startup flow, consider keeping the memory server as a sidecar process and require explicit operator approval before the agent adopts injected system prompts. If you want, I can point to the exact files/functions to audit (postinstall.js, smem-hook.sh, embeddings/nomic_embedder.py, and any file-read paths) or create a short checklist of lines to review.

Type: OpenClaw Skill Name: smart-memory-automaton Version: 2.5.1 The Smart Memory v2.5 bundle is a comprehensive local cognitive memory system for OpenClaw agents. It utilizes a FastAPI backend (server.py) for neural embeddings and vector storage (SQLite), managed by a Node.js adapter (smart-memory/index.js) that handles the lifecycle of the local service. The system implements sophisticated memory features including episodic/semantic storage, background reflection, and importance-based decay. Analysis of the installation scripts (install.sh, postinstall.js) and the core logic shows no evidence of malicious intent; the code operates strictly on the local loopback (127.0.0.1) and within the designated OpenClaw workspace. The documentation (SKILL.md, README.md) provides legitimate instructions for agent integration, and the changelog indicates a history of proactive security fixes (e.g., addressing path traversal in v2.1.2).