YggVersatly/clawvault
↗ GitHub🐘 An elephant never forgets. Structured memory system for AI agents.
634
Stars
60
Forks
4
Watchers
8
Open Issues
Safety Rating B
The repository appears to be a legitimate open source AI agent memory system. However, the README contains a reference to a meme coin token ('$CLAW') on pump.fun, which is an unusual inclusion in a developer tooling project and may indicate financial promotion or a speculative token scheme associated with the project. This does not constitute malicious code, but users should be aware of this association. No hardcoded secrets, malicious code patterns, or prompt injection attempts were identified. Dependency manifests were not available for review.
ℹAI-assisted review, not a professional security audit.
AI Analysis
ClawVault is a local-first, markdown-native structured memory system for AI agents. It provides persistent context across sessions using a file-based vault of categorized markdown documents, a typed knowledge graph built from wiki-links, hybrid BM25 + semantic search, and a set of 8 core primitives (Goals, Agents, State Space, Feedback, Capital, Institution, Synthesis, Recursion) modeled as CLI commands. It integrates with Obsidian for visualization, supports multiple LLM providers for compression and context generation, and offers session lifecycle management (wake/checkpoint/sleep) to prevent 'context death' between agent sessions.
Use Cases
- Providing AI agents with persistent memory that survives session resets and context window limits
- Building a local, human-readable knowledge base of decisions, lessons, and project state for AI-assisted workflows
- Integrating structured agent memory into Obsidian for graph visualization and Kanban task management
- Enabling multi-session continuity for autonomous agents via checkpoint/recover primitives
- Performing hybrid semantic + keyword search over accumulated agent memories and notes
Tags
Security Findings (4)
The README contains a reference to what appears to be a cryptocurrency token contract address ('$CLAW': 5Fjr82MTB8mvxkzi9FYtvrUsPiDGE2M29w3dYcZpump on pump.fun), suggesting a meme coin associated with the project. This is not a hardcoded secret but is a notable finding regarding potential financial promotion embedded in an open source project.
No malicious code patterns are visible from the repository content provided. All described functionality relates to memory storage, search, and session lifecycle management.
No manifest files (package.json, etc.) were provided for analysis; dependency vulnerability assessment could not be performed.
No prompt injection attempts detected in the README or provided content.
Project Connections
skyclaw
→ClawVault provides structured persistent memory storage that could directly serve as the memory backend for an autonomous agent runtime like skyclaw, which implements its own exponential decay λ-Memory system. ClawVault's markdown vault and hybrid search could complement skyclaw's agentic loop with richer, human-readable context persistence.
skyclaw
→Both projects address AI agent memory persistence. skyclaw's λ-Memory offers in-process decay-based memory within a Rust runtime, while ClawVault offers a local-first, markdown-native, file-based memory vault accessible as a standalone CLI or plugin — representing alternative architectural approaches to the same problem.