openclaw-memory-enhancer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from chat logs and memory files, which is then interpolated into LLM prompts to provide context.\n
- Ingestion points: The skill reads Markdown files from
~/.openclaw/workspace/memory/and JSON/Markdown files from~/.openclaw/workspace/knowledge-base/through methods inknowledge_base.pyandmemory_enhancer.py.\n - Boundary markers: The
recall_for_promptmethod in bothmemory_enhancer.pyandmemory_enhancer_edge.pyencloses recalled memories within[相关记忆](Related Memory) delimiters to help distinguish context from instructions.\n - Capability inventory: The skill performs local file operations (read/write) within its defined workspace. No network operations, subprocess executions, or dynamic code execution capabilities were identified.\n
- Sanitization: No specific sanitization or escaping of the retrieved memory content is performed before it is added to the prompt context.\n- [EXTERNAL_DOWNLOADS]: The skill's documentation and code reference standard Python packages, specifically
sentence-transformersandnumpy, which are used for optional high-accuracy semantic search capabilities.\n- [SAFE]: The skill is designed with a focus on local privacy, storing all memory data on the user's device and performing retrieval without external API calls or telemetry.
Audit Metadata