Workbuddy Add Memory

为WorkBuddy添加更智能的记忆管理功能：自动知识蒸馏→智能检索→工作前回忆

What to check before installing or running this skill: 1) Dependency and install mismatch: SKILL.md claims 'standard-library-only' and 'no external dependencies', but the repository includes requirements.txt and INSTALLATION_AND_TEST.md listing scikit-learn, numpy, pandas, yaml, toml, etc. Inspect requirements.txt and install_and_test.sh before running; prefer installing in an isolated environment (virtualenv or container). 2) Env var name mismatch: SKILL.md documents MEMORY_DISTILLATION_ROOT and MEMORY_DISTILLATION_CONFIG, but config_loader reads WORKBUDDY_MEMORY_* environment variables. Confirm which env vars the installed version actually uses, and set them only after reviewing config_loader.get_memory_sources() behavior. 3) File access: The skill will read and write files under your home (~/.workbuddy/*), including ~/.workbuddy/unified_memory, ~/.workbuddy/skills and preparation_output. If you have sensitive data under those paths, back them up or test in a sandbox copy first. 4) Network and external commands: The SKILL.md asserts 'no network' and 'no system commands', but documentation and install scripts indicate pip installs and tests use subprocesses. Search the code for network-capable modules (requests, urllib, socket) and for subprocess/exec usage (start_work and test scripts invoke subprocesses). If you need an offline guarantee, run static searches or run in an air-gapped environment. 5) Source provenance: Source/homepage is unknown and author is an alias (zcg007). The repository contains many autogenerated test/reports claiming a security audit — do not treat those as a substitute for your own review. Prefer skills from known/trusted publishers or verify the code yourself. 6) Recommended safe steps: - Clone and inspect start_work.py, distill_memory.py, install_and_test.sh and requirements.txt before executing. - Run the code in a disposable container or VM, not on a production machine. - Grep the code for 'requests', 'socket', 'urllib', 'subprocess', 'open(' with absolute paths, and any hardcoded endpoints or IP addresses. - If you proceed, run in a virtualenv and monitor file writes to ~/.workbuddy and network activity. If you want, I can (A) list the third-party packages from requirements.txt, (B) search the codebase for network or suspicious calls, or (C) highlight the exact lines where env var names and memory source defaults are set.

Type: OpenClaw Skill Name: workbuddy-add-memory Version: 3.0.1 The skill bundle exhibits 'agent hijacking' behavior through aggressive prompt injection and enforcement logic found in memory_system_enforcer.py and conversation_hook.py. These scripts contain 'Master Instructions' that attempt to override the agent's autonomy by forbidding standard file operations (e.g., creating .md files) and forcing the agent to 'commit' to using only this specific skill. Furthermore, multiple files, including memory_system_enforcer.py and INSTALLATION_AND_TEST.md, contain hardcoded paths to a specific user's home directory (/Users/josieyang/), which is highly irregular for a general-purpose skill and suggests the bundle is either a localized environment backup or a targeted tool. While the core logic for TF-IDF memory retrieval is functional, the restrictive behavioral enforcement and environment-specific hardcoding warrant a suspicious classification.