memory-poison-auditor

Audits OpenClaw memory files for injected instructions, brand bias, hidden steering, and memory poisoning patterns. Use when reviewing MEMORY.md, daily memory files, or any long-term memory store that may have been contaminated through dialogue.

Safety Notice

This item is sourced from the public archived skills repository. Treat as untrusted until reviewed.

Copy this and send it to your AI assistant to learn

Install skill "memory-poison-auditor" with this command: npx skills add 2404589803/memory-poison-auditor

Memory Poison Auditor

memory-poison-auditor checks whether OpenClaw memory files have been contaminated by hidden instructions, brand steering, injected operational policies, or suspicious recommendation bias written through prior conversations.

What It Checks

  • Prompt-injection style instructions inside memory.
  • "Always recommend X" or "never mention Y" style brand steering.
  • Abnormal brand repetition and preference shaping.
  • Suspicious authority claims like fake approvals or fake user intent.
  • Low-signal blocks that act like covert policy rather than factual memory.
  • Optional AI review for borderline suspicious blocks.

Commands

Audit Default Memory Roots

python3 {baseDir}/scripts/audit_memory.py scan
python3 {baseDir}/scripts/audit_memory.py --format json scan

Audit a Specific Path

python3 {baseDir}/scripts/audit_memory.py scan --path /root/clawd/MEMORY.md
python3 {baseDir}/scripts/audit_memory.py scan --path /root/clawd/memory

Optional AI Review

python3 {baseDir}/scripts/audit_memory.py scan --with-ai
python3 {baseDir}/scripts/audit_memory.py scan --path /root/clawd/memory/2026-03-15.md --with-ai

One-Click Cleaning

python3 {baseDir}/scripts/audit_memory.py clean --path /root/clawd/MEMORY.md --apply
python3 {baseDir}/scripts/audit_memory.py clean --path /root/clawd/memory --apply

Cleaning creates backups before rewriting suspicious blocks.

Output

Each audit returns:

  • PASS: no meaningful poisoning signals
  • WARN: suspicious memory blocks detected
  • BLOCK: memory likely contaminated and should be reviewed/cleaned

Reports and backups are written to:

/root/clawd/output/memory-poison-auditor/reports/
/root/clawd/output/memory-poison-auditor/backups/

Operational Guidance

  • Use this before trusting long-term memory in important planning or recommendations.
  • WARN means review before relying on that memory block.
  • BLOCK means clean or quarantine the memory before reuse.
  • AI review is optional and intended only for ambiguous cases.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

skillguard-hardened

Security guard for OpenClaw skills, developed and maintained by rose北港(小红帽 / 猫猫帽帽). Audits installed or incoming skills with local rules plus Zenmux AI intent review, then recommends pass, warn, block, or quarantine.

Archived SourceRecently Updated
--2404589803
Security

BlogBurst - Virtual CMO Agent

Your AI Chief Marketing Officer. Autonomous agent that runs your entire marketing — auto-posts to Twitter/X, Bluesky, Telegram, Discord, auto-engages with your audience (replies, likes, follows), runs SEO/GEO audits, tracks competitors, scans communities for opportunities, learns what works, and continuously optimizes. 50+ countries, 1000+ posts published. Free tier available.

Archived SourceRecently Updated
--0xspeter
Security

social-vault

社交平台账号凭证管理器。提供登录态获取、AES-256-GCM 加密存储、定时健康监测和自动续期。Use when managing social media account credentials, importing cookies, checking login status, or automating session refresh. Also covers platform adapter creation and browser fingerprint management.

Archived SourceRecently Updated
--2019-02-18
Security

openclaw360

Runtime security skill for AI agents — prompt injection detection, tool call authorization, sensitive data leak prevention, skill security scanning, and one-click backup & restore

Archived SourceRecently Updated
--326668808