📦 Unified — 统一
v5.3.2Memory v5 提供分层内存管理系统,支持原子事务、智能去重、向量搜索优化及生命周期管理,确保一致性。
0· 25·0 当前·0 累计
by 安全扫描
OpenClaw
可疑
medium confidenceThe skill mostly looks like a coherent memory-plugin, but the SKILL.md contains prompt-injection patterns and instructions that could let it alter agent behavior or run arbitrary scripts; review and sandbox before installing.
评估建议
This package appears to implement a local memory system and is largely consistent with that purpose, but there are red flags you should address before installing or running it:
- Inspect SKILL.md and all documentation for any lines that explicitly say things like "ignore previous instructions" or "override system prompt" and remove or question them. These are prompt-injection attempts.
- Do not run any deploy/verify scripts referenced in the docs until you verify their contents. The manifest li...详细分析 ▾
ℹ 用途与能力
Name/description (unified memory, atomic transactions, vector search) align with the included code and docs: config paths (~/.unified-memory, ~/.openclaw/workspace), WAL/transaction logic, and vector backends are expected for a memory system. Some references (deploy scripts like ./deploy-atomic-fixes.sh, verify-repairs.sh) are present in documentation but corresponding script files are not listed in the manifest, which is inconsistent and worth checking.
⚠ 指令范围
SKILL.md contains detected prompt-injection tokens (ignore-previous-instructions, system-prompt-override). It also shows commands that run local deploy/verify scripts and node scripts under memory/.dreams, and documents reading/writing to home config paths. Those instructions could direct an agent to override prompts or execute arbitrary local scripts — behavior beyond simply 'memory management' and therefore risky without manual review.
ℹ 安装机制
There is no install spec in the registry entry (instruction-only), which reduces automatic installation risk. However the package includes large merged source (merged-src.js) and a package.json listing substantial dependencies; if you or npm install/run this package it will pull many packages (lancedb, chromadb, better-sqlite3, etc.). The docs/scripts referenced in SKILL.md (deploy/verify) are not present in the file list — verify whether missing scripts would be fetched from remote sources.
ℹ 凭证需求
The skill does not declare required env vars or credentials in the registry metadata, but its docs and code reference many environment/config values (HOME, UNIFIED_MEMORY_*, OLLAMA_URL, etc.) and default local service URLs. No external credentials are required by the registry listing, which is proportionate to a local memory plugin; still, the code will read HOME and write to user-local paths, and may connect to local model endpoints (e.g., Ollama) if configured.
⚠ 持久化与权限
always:false (good), but package.json declares OpenClaw hooks (before_prompt_build, agent_end). Hooks are expected for a memory skill, but combined with the prompt-injection patterns found in SKILL.md this increases the blast radius: a hook that runs during prompt construction plus text instructing agents to ignore prior/system instructions could allow manipulation of agent behavior. The skill also writes to per-user config and memory files under HOME, which is normal for a memory plugin but means persistent local data will be created.
⚠ merged-src.js:16446
Shell command execution detected (child_process).
⚠ merged-src.js:19
Environment variable access combined with network send.
⚠ merged-src.js:11
File read combined with network send (possible exfiltration).
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv5.3.22026/4/20
v5.3.2 - OPTIMIZED MERGED RELEASE: Smart packaging with merged source code (3.1MB) and documentation (320KB). Includes extraction tool and installation guide. Total: 3.5MB, 9 files. All features preserved: WAL protocol, evidence chain, auto-organization, transcript-first architecture, revision lifecycle, lane memory integration.
● Pending
安装命令
点击复制官方npx clawhub@latest install unified-memory-v5
镜像加速npx clawhub@latest install unified-memory-v5 --registry https://cn.longxiaskill.com