
      Safety Report

      Memory Maintenance

      @MaxLaurieHutchinson

      Intelligent memory management for OpenClaw agents. Reviews daily notes, suggests MEMORY.md updates, maintains directory health, and auto-cleans old files. Recommended for agents with growing memory footprints.

      1,280 Downloads
      3 Installs
      4 Stars
      1 Versions
      File Management 2,100 · Notes & Knowledge 902 · Legal & Compliance 738 · Healthcare 460

      Security Analysis

      medium confidence
      Suspicious · 0.08 risk

      The skill largely does what it says (reviews local memory files and proposes maintenance) but contains several implementation issues and privacy risks (hardcoded user paths, sourcing of a .env that exports all env vars, and sending local notes to the Gemini CLI) that make the package inconsistent or surprising for general use.

      Feb 11, 2026 · 8 files · 5 concerns

      Purpose & Capability (note)

      The declared requirements (gemini CLI, jq, GEMINI_API_KEY) align with the stated purpose of running LLM-based reviews and JSON processing. Requiring GEMINI_API_KEY is appropriate for calling Gemini. The binaries and config referenced are proportionate to a memory-review skill.

      Instruction Scope (concern)

      The runtime instructions and scripts read lots of user-local files (memory/YYYY-MM-DD.md, MEMORY.md, USER.md) and package their contents into a prompt sent to the Gemini CLI. That is expected for a review tool, but it means potentially sensitive local data is transmitted to an external model. Also the scripts export and source a workspace .env (see env/credential concerns below).

      Install Mechanism (concern)

      Installation is script-based (no remote download), which reduces supply-chain risk, but the scripts copy themselves into the user's workspace and add a cron job. Multiple scripts contain hardcoded absolute paths pointing at /Users/maxhutchinson/.openclaw/workspace instead of relying consistently on the configurable OPENCLAW_WORKSPACE or $HOME. That hardcoding is an implementation bug and causes incoherence (would fail or operate on the wrong path on other systems).

      Credentials (concern)

      The skill only declares GEMINI_API_KEY, which is reasonable. However the scripts source $WORKSPACE/.env with set -a (exporting all variables), making all .env entries available in the environment when the Gemini CLI runs. That raises the risk that unrelated secrets in .env could be present in the process environment and (depending on how the gemini CLI handles environment data or logs) could be exposed. The skill does not request other unrelated credentials, which is good, but the behavior of exporting an entire .env is disproportionate without explicit guidance.

      Persistence & Privilege (note)

      The skill installs cron jobs and copies executable scripts into the workspace so it will run daily (persistent presence). always:false is set, so it is not forcibly injected into every agent, but the install creates a scheduled, autonomous job — this is expected for a maintenance tool but worth noting because it gives the skill recurring execution privileges on the host.

      Guidance

      Key things to consider before installing:

      - Privacy: The review script builds a prompt containing your recent daily notes, MEMORY.md, and USER.md and sends it to the Gemini CLI (external model). If those files contain sensitive data (passwords, tokens, personal data), they will be included in requests to an external service. Only install if you're comfortable with that or you sanitize files first.
      - .env export: The scripts source and export all variables from workspace/.env. Ensure that file does not contain other secrets you don't want exported or sent to the model. Consider giving GEMINI_API_KEY a restricted key or setting it only for this skill's runtime.
      - Hardcoded paths & portability: Several scripts use /Users/maxhutchinson/.openclaw/workspace hardcoded. This will likely fail or behave unexpectedly on other machines. Inspect and fix these paths (replace with OPENCLAW_WORKSPACE or $HOME/.openclaw/workspace) before installing broadly.
      - Review and test first: Run the review script in a safe test workspace (with non-sensitive sample files) to confirm behavior. Check where files are moved (archive/.trash) and verify the retention behavior meets your expectations.
      - Code quality issues: There are bugs (argument parsing in apply.sh mis-indents the --all handling) and rough edges; treat this as alpha software and review scripts before granting production use.
      - If you proceed: backup your workspace (or at least agents/memory and MEMORY.md), remove unrelated secrets from workspace/.env, and run install in a controlled environment. If you need strict privacy, do not use an external LLM or run the LLM step locally with a model you trust.

      Latest Release

      v1.0.0

      Initial release: Intelligent memory management for OpenClaw agents

      Published by @MaxLaurieHutchinson on ClawHub
