首页龙虾技能列表 › Memory Ops — 技能工具

Memory Ops — 技能工具

v0.1.2

[自动翻译] Manage mandatory PostgreSQL memory operations with context retrieval, prompt logging, delegation tracking, and audit event recording using Memory_open...

1· 433·2 当前·2 累计
by @ianleme (Ianleme)·MIT-0
下载技能包
License
MIT-0
最后更新
2026/4/10
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
medium confidence
The skill's files and instructions match its stated purpose (managing a Postgres-backed memory store) but contain notable incoherences and privacy risks — most importantly it assumes a database exists and will be written to while declaring no connection/credential requirements, and it hardcodes a single user/agent context.
评估建议
Before installing: (1) Ask the author to explicitly list how the agent connects to the database (required env vars or connection string) and do not provide DB credentials unless you control the target database. (2) Verify the DB, schema, and sample data are deployed in an isolated/test database you control. (3) Remove or parameterize the hardcoded user_id='ian' and agent='jarvis' values so the skill cannot accidentally write other users' data. (4) Confirm where embeddings come from and whether a...
详细分析 ▾
用途与能力
Name/description claim Postgres + pgvector memory ops, and the included SQL/schema/templates implement exactly that. However the skill does not declare any way to connect to the database (no env vars, no connection path). That is an incoherence: it requires DB access in practice but asks for no credentials or config. Also many queries hardcode user_id='ian' and agent='jarvis', which is not general-purpose and suggests the package is tailored to a single account/agent.
指令范围
SKILL.md instructs the agent to read memory before responding, save user prompts, log delegations and audit events — all consistent with the stated goal. It does not instruct any network exfiltration or access to unrelated system files. Missing are guidance about sanitization/filtering of secrets, retention policy, or how to obtain embeddings (the SQL expects a :query_embedding bind). The mandatory 'save every prompt/delegation' behavior increases risk of storing sensitive data if not filtered.
安装机制
Instruction-only skill with no install spec and no code files that execute. This minimizes install-time risk; nothing is downloaded or written by an installer.
凭证需求
The skill requests no environment variables or credentials but clearly needs database connection info (host/port/db/user/password or similar) and likely an embeddings model/key in real use. The absence of declared env vars is an inconsistency. Additionally, defaulting to a fixed user_id ('ian') and agent ('jarvis') may cause accidental cross-user data writes if reused in another environment.
持久化与权限
The skill is not always-enabled and does not request special platform privileges, which is good. However its runtime protocol mandates writing every prompt/delegation and an audit row per turn — this persistent logging is expected for a memory/audit system but is privacy-sensitive and should be constrained by retention/permission policies and explicit DB credentials.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv0.1.22026/3/1

- No functional changes; only metadata updated. - No user-facing, protocol, or implementation modifications included in this version.

● 可疑

安装命令 点击复制

官方npx clawhub@latest install memory-ops
镜像加速npx clawhub@latest install memory-ops --registry https://cn.clawhub-mirror.com

技能文档

Protocolo obrigatório (sempre)

  • Consultar memória principal antes de responder ou delegar.
  • Responder/delegar com contexto recuperado.
  • Salvar contexto do prompt do usuário.
  • Salvar contexto de cada delegação enviada para agentes.
  • Registrar auditoria do ciclo (read/write status).

Banco alvo

  • Database: Memory_openclaw
  • Extensão: vector
  • Tabelas: usar memories + memory_audit.

Regras de gravação

  • Não salvar segredos sensíveis sem necessidade explícita.
  • Priorizar fatos operacionais: objetivo, decisão, restrição, preferência, próximo passo.
  • Sempre incluir metadados mínimos: source, scope, agent, timestamp, kind.

SQL e esquema

  • Criar/atualizar esquema em: references/schema.sql
  • Queries de consulta em: references/queries.sql

Auditoria obrigatória

  • Registrar um evento em memory_audit por turno com:
- event_type: turn_cycle - read_ok: true/false - write_ok: true/false - details: JSON com contagens e ids

Handoff com agentes

Ao delegar para Alfred/Prompt Improver:
  • Salvar kind=delegation_prompt com prompt enviado.
  • Após retorno, salvar kind=delegation_result com resumo do output.
  • Só então consolidar resposta final ao usuário.

Implementação de referência

  • Script pronto: scripts/memory_ops_template.sql
  • Se precisar adaptar dimensão de embedding, ajustar coluna vector(1536) conforme modelo.
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务