mnemospark 1.2.2 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +32 -20
- package/dist/cli.js +286 -107
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +20 -6
- package/dist/index.js +259 -86
- package/dist/index.js.map +1 -1
- package/openclaw.plugin.json +1 -1
- package/package.json +2 -2
- package/skills/mnemospark/references/commands.md +1 -0
package/README.md
CHANGED
|
@@ -52,6 +52,20 @@ openclaw gateway restart
|
|
|
52
52
|
|
|
53
53
|
---
|
|
54
54
|
|
|
55
|
+
## OpenClaw Install Warning
|
|
56
|
+
|
|
57
|
+
If OpenClaw shows a warning about **dangerous code patterns** when installing or updating mnemospark—often mentioning shell execution (`child_process`), environment variables, and network access—here is what is going on.
|
|
58
|
+
|
|
59
|
+
mnemospark is an **OpenClaw plugin** that talks to **your configured mnemospark backend**, runs a **local HTTP proxy** for storage workflows, and can **invoke the `openclaw` CLI** and system tools when needed (for example creating archives with `tar` or running `npm` when you use the update command). Those features use the same low-level Node.js APIs—`child_process` and `fetch`—that security tools also associate with risky software, so the installer may warn you even when the behavior is intentional and benign.
|
|
60
|
+
|
|
61
|
+
We also read **environment variables** you set on purpose (such as `MNEMOSPARK_BACKEND_API_BASE_URL`, `MNEMOSPARK_PROXY_PORT`, or wallet-related settings) so you can configure the plugin without editing code. Automated scans sometimes flag “environment access + network” as a possible credential-stealing pattern. In mnemospark, that combination exists because the plugin is **configurable and networked by design**, not because we are harvesting your unrelated secrets.
|
|
62
|
+
|
|
63
|
+
mnemospark is **open source**. If you want extra assurance, review the repository, search for `child_process`, `process.env`, and `fetch`, and run your own tests in a safe environment. The warning helps keep the ecosystem safe; for mnemospark it reflects **capabilities**, not a finding of malicious intent.
|
|
64
|
+
|
|
65
|
+
Have ChatGPT or your favorite LLM evaluate the mnemospark codebase. Here's a [starter link](https://chatgpt.com/share/69ce6119-52cc-8394-b9f9-c06528d85ea7).
|
|
66
|
+
|
|
67
|
+
---
|
|
68
|
+
|
|
55
69
|
## Slash command reference
|
|
56
70
|
|
|
57
71
|
**Syntax**
|
|
@@ -141,17 +155,20 @@ The blockchain transaction is the payment record.
|
|
|
141
155
|
|
|
142
156
|
Optional unless noted. All names use the `MNEMOSPARK_` prefix.
|
|
143
157
|
|
|
144
|
-
| Variable
|
|
145
|
-
|
|
|
146
|
-
| `MNEMOSPARK_BACKEND_API_BASE_URL`
|
|
147
|
-
| `MNEMOSPARK_PROXY_PORT`
|
|
148
|
-
| `MNEMOSPARK_DOWNLOAD_DIR`
|
|
149
|
-
| `MNEMOSPARK_WALLET_KEY`
|
|
150
|
-
| `MNEMOSPARK_REMOVE_BACKUP_FILE`
|
|
151
|
-
| `MNEMOSPARK_DISABLED`
|
|
152
|
-
| `MNEMOSPARK_DISABLE_SQLITE`
|
|
153
|
-
| `MNEMOSPARK_SQLITE_STRICT`
|
|
154
|
-
| `MNEMOSPARK_PROXY_VERBOSE_404`
|
|
158
|
+
| Variable | Purpose |
|
|
159
|
+
| ------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
160
|
+
| `MNEMOSPARK_BACKEND_API_BASE_URL` | Base URL for the mnemospark backend API (required for the local HTTP proxy to forward storage calls). Example: `https://{api-id}.execute-api.{region}.amazonaws.com/{stage}`. |
|
|
161
|
+
| `MNEMOSPARK_PROXY_PORT` | TCP port for the mnemospark HTTP proxy (default `7120`). |
|
|
162
|
+
| `MNEMOSPARK_DOWNLOAD_DIR` | Directory where the proxy writes downloaded objects (default `~/.openclaw/mnemospark/downloads/`). |
|
|
163
|
+
| `MNEMOSPARK_WALLET_KEY` | Path to the wallet private key file when not using the default `~/.openclaw/mnemospark/wallet/wallet.key`. |
|
|
164
|
+
| `MNEMOSPARK_REMOVE_BACKUP_FILE` | After a **successful** cloud upload, delete the local backup archive under `~/.openclaw/mnemospark/backup/`. **Default when unset:** remove the file. Set to `0`, `false`, `no`, or `n` to keep it; `1`, `true`, `yes`, or `y` to remove. |
|
|
165
|
+
| `MNEMOSPARK_DISABLED` | Set to `true` or `1` to disable plugin registration. |
|
|
166
|
+
| `MNEMOSPARK_DISABLE_SQLITE` | Set to `1` to disable local SQLite (`state.db`); cloud commands that need local state will fail. |
|
|
167
|
+
| `MNEMOSPARK_SQLITE_STRICT` | Set to `1` so certain SQLite consistency checks (e.g. friendly-name verification after upload) throw instead of warning. |
|
|
168
|
+
| `MNEMOSPARK_PROXY_VERBOSE_404` | When `1`, `true`, or `yes`, the local HTTP proxy includes a `message` field on **404** responses describing supported paths. Default (unset) is a generic JSON body `{ "error": "Not found" }` only (reduces reconnaissance). |
|
|
169
|
+
| `MNEMOSPARK_CRON_AGENT_ID` | OpenClaw agent id used for the monthly renewal cron (default `mnemospark-renewal`). |
|
|
170
|
+
| `MNEMOSPARK_CRON_NODE_BIN` | Absolute path to `node` for renewal cron exec (default `/usr/bin/node`). |
|
|
171
|
+
| `MNEMOSPARK_DISABLE_OPENCLAW_PREREQ` | Set to `1` to skip automatic runbook application everywhere it runs (plugin load, CLI install/update; for advanced debugging only). |
|
|
155
172
|
|
|
156
173
|
---
|
|
157
174
|
|
|
@@ -160,20 +177,14 @@ Optional unless noted. All names use the `MNEMOSPARK_` prefix.
|
|
|
160
177
|
1. Install plugin
|
|
161
178
|
2. Fund Base wallet with USDC
|
|
162
179
|
3. Request quote
|
|
163
|
-
4. Execute upload
|
|
180
|
+
4. Execute upload (supports up to 5 GB files - multipart uploads coming soon!)
|
|
164
181
|
5. Confirm/list/download/delete as needed
|
|
165
182
|
|
|
166
183
|
---
|
|
167
184
|
|
|
168
|
-
##
|
|
169
|
-
|
|
170
|
-
If OpenClaw shows a warning about **dangerous code patterns** when installing or updating mnemospark—often mentioning shell execution (`child_process`), environment variables, and network access—here is what is going on.
|
|
171
|
-
|
|
172
|
-
mnemospark is an **OpenClaw plugin** that talks to **your configured mnemospark backend**, runs a **local HTTP proxy** for storage workflows, and can **invoke the `openclaw` CLI** and system tools when needed (for example creating archives with `tar` or running `npm` when you use the update command). Those features use the same low-level Node.js APIs—`child_process` and `fetch`—that security tools also associate with risky software, so the installer may warn you even when the behavior is intentional and benign.
|
|
185
|
+
## mnemospark Exec Approvals Runbook
|
|
173
186
|
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
mnemospark is **open source**. If you want extra assurance, review the repository, search for `child_process`, `process.env`, and `fetch`, and run your own tests in a safe environment. The warning helps keep the ecosystem safe; for mnemospark it reflects **capabilities**, not a finding of malicious intent.
|
|
187
|
+
On **OpenClaw 2026.4.x**, the **Mnemospark Renewal Agent Runbook** is applied when you install or update mnemospark (including `npx mnemospark install`, `npx mnemospark update`, `openclaw plugins install`, and when the gateway loads the plugin): it ensures a dedicated agent (`mnemospark-renewal` by default) with `tools.deny: ["subagents"]` and `tools.exec.ask: "off"`, updates `~/.openclaw/exec-approvals.json` so `/usr/bin/node` is allowlisted for that agent, and runs `openclaw config validate`. OpenClaw restarts the gateway when a plugin is installed or updated; mnemospark does not call `openclaw gateway restart` itself. After a **successful upload**, mnemospark registers the monthly renewal cron only (`--no-deliver`, `--agent`, and a `Command: /usr/bin/node …/dist/cli.js cloud payment-settle --renewal …` message). Override paths with `MNEMOSPARK_CRON_AGENT_ID` and `MNEMOSPARK_CRON_NODE_BIN` if your system differs.
|
|
177
188
|
|
|
178
189
|
---
|
|
179
190
|
|
|
@@ -183,6 +194,7 @@ mnemospark is **open source**. If you want extra assurance, review the repositor
|
|
|
183
194
|
- **402 payment required**: expected in challenge flow; ensure client retries with payment authorization.
|
|
184
195
|
- **Upload/storage backend errors**: verify cloud permissions (e.g. bucket access + IAM role rights).
|
|
185
196
|
- **Command not recognized**: confirm plugin installed and gateway restarted.
|
|
197
|
+
- **Renewal cron / exec failures after upload**: ensure mnemospark was installed or updated through the normal path so the runbook ran (gateway load, `npx mnemospark install`, or `openclaw plugins install`). If the gateway never loaded the plugin, run install again or restart the gateway.
|
|
186
198
|
- **One-step operation correlation**: run `./skills/mnemospark/scripts/debug-operation.sh <operation-id>` (or omit ID to use latest).
|
|
187
199
|
|
|
188
200
|
---
|