shieldcortex

Persistent memory system with security for AI agents. Remembers decisions, preferences, architecture, and context across sessions with knowledge graphs, decay, contradiction detection, and a 6-layer defence pipeline with Iron Dome behavioural protection. Use when asked to "remember this", "what do we know about", "recall context", "scan for threats", "run security audit", "check memory stats", or when starting a new session and needing prior context.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "shieldcortex" with this command: npx skills add Drakon Systems/shieldcortex

ShieldCortex — Persistent Memory & Security for AI Agents

Give your AI agent a brain that persists between sessions — and protect it from memory poisoning attacks.

Safety & Scope

This skill does not auto-install anything. All installation commands below are manual and require the user to explicitly run them.

  • No file writes on installclawhub install shieldcortex only copies this SKILL.md into your skills directory. No binaries, hooks, or config are touched.
  • Opt-in npm installnpm install -g shieldcortex installs the CLI and MCP server globally. Run only if the user explicitly wants ShieldCortex installed.
  • Local config onlyshieldcortex install writes MCP server configuration to the local agent's config file (e.g. ~/.config/claude-code/settings.json, ~/.codex/config.toml, or ~/.openclaw/settings.json). It does not modify system files, environment variables, or other agents.
  • No network calls without consent — the core package is fully local (SQLite database, local embeddings). Cloud sync and API key submission are entirely optional and off by default.
  • File scanning is path-targetedscan-skill scans a single file you point it at. It does not walk directories or read files beyond what you specify.
  • No credentials required — the base package needs no API keys, tokens, or accounts. Optional cloud features require an explicit shieldcortex config set-api-key step.

Description

ShieldCortex is a complete memory system with built-in security. It gives AI agents persistent, intelligent memory with semantic search, knowledge graphs, decay-based forgetting, and contradiction detection. Every memory write passes through a 6-layer defence pipeline that blocks prompt injection, credential leaks, and poisoning attacks. Iron Dome adds behavioural protection with action gates, security profiles, and full audit trails.

Use when:

  • You want your agent to remember things between sessions (decisions, preferences, architecture, context)
  • You need semantic search across past memories (not just keyword matching)
  • You want automatic memory consolidation, decay, and cleanup
  • You want knowledge graph extraction from memories (entities, relationships)
  • You need to protect memory from prompt injection or poisoning attacks
  • You want credential leak detection in memory writes (25+ patterns, 11 providers)
  • You want to audit what's been stored in and retrieved from memory
  • You want to scan agent instruction files (SKILL.md, .cursorrules, CLAUDE.md) for hidden threats
  • You want behavioural protection with Iron Dome (action gates, security profiles)
  • You want to guard any memory backend with the defence pipeline (Universal Memory Bridge)

Do NOT use when:

  • You only need simple key-value storage (use a config file)
  • You want ephemeral session-only context (use the agent's built-in context window)
  • You need a vector database for RAG pipelines (ShieldCortex is agent memory, not document retrieval)

Prerequisites

  • Node.js >= 18
  • npm or pnpm (or pip for Python)

Manual Setup

Run only if the user explicitly wants ShieldCortex installed. This skill file alone does not require installation — it serves as documentation and integration guidance.

npm install -g shieldcortex

Python SDK:

pip install shieldcortex

For OpenClaw integration (installs the cortex-memory hook into local OpenClaw config):

shieldcortex openclaw install

For Claude Code / VS Code / Cursor MCP integration (writes a local MCP server entry to the agent's settings file — does not modify system files or other agents):

shieldcortex install

Quick Start

As an OpenClaw hook (automatic)

After shieldcortex openclaw install, the hook activates on next restart:

  • Injects relevant past memories on session start
  • "remember this: ..." keyword trigger saves memories inline
  • Auto-memory (opt-in) — extracts important context on session end with smart deduplication

Enable auto-memory:

shieldcortex config --openclaw-auto-memory

CLI Commands

# Check status
shieldcortex status

# Scan content for threats
shieldcortex scan "some text to check"

# Full security audit of your agent environment
shieldcortex audit

# Scan a single skill or instruction file for hidden threats
shieldcortex scan-skill ./path/to/SKILL.md

# Build knowledge graph from existing memories
shieldcortex graph backfill

# Start the visual dashboard
shieldcortex --dashboard

As a Library (programmatic)

import {
  addMemory,
  getMemoryById,
  runDefencePipeline,
  scanSkill,
  extractFromMemory,
  consolidate,
  initDatabase
} from 'shieldcortex';

// Initialize
initDatabase('/path/to/memories.db');

// Add a memory (automatically passes through defence pipeline)
addMemory({
  title: 'API uses OAuth2',
  content: 'The payment API requires OAuth2 bearer tokens, not API keys',
  category: 'architecture',
  importance: 'high',
  project: 'my-project'
});

// Scan content before processing
const result = runDefencePipeline(untrustedContent, 'Email Import', {
  type: 'external',
  identifier: 'email-scanner'
});

if (result.allowed) {
  // Safe to process
}

// Extract knowledge graph entities
const { entities, triples } = extractFromMemory(
  'Database Migration',
  'We switched from MySQL to PostgreSQL for the auth service',
  'architecture'
);
// entities: [{name: 'MySQL', type: 'service'}, {name: 'PostgreSQL', type: 'service'}, ...]
// triples: [{subject: 'auth service', predicate: 'uses', object: 'PostgreSQL'}, ...]

Memory System Features

FeatureDescription
Persistent StorageSQLite-backed, survives restarts and compaction
Semantic SearchFind memories by meaning, not just keywords
Project ScopingIsolate memories per project/workspace
Importance LevelsCritical, high, normal, low with auto-decay
CategoriesArchitecture, decisions, preferences, context, learnings, errors
Decay & ForgettingOld, unaccessed memories fade — like a real brain
ConsolidationAutomatic merging of similar/duplicate memories
Contradiction DetectionFlags when new memories conflict with existing ones
Knowledge GraphExtracts entities and relationships from memories
Activation ScoringRecently accessed memories get retrieval priority
Salience ScoringImportant memories surface first in search

Security Features

LayerProtection
Input SanitisationStrip control characters, null bytes, dangerous formatting
Pattern DetectionRegex matching for known injection patterns
Semantic AnalysisEmbedding similarity to attack corpus
Structural ValidationJSON/format integrity checks
Behavioural ScoringAnomaly detection over time
Credential Leak DetectionBlocks API keys, tokens, private keys (25+ patterns, 11 providers)
Trust ScoringSource-based reliability scoring for memory writes
Audit TrailFull forensic log of every memory operation
Skill ScannerDetect prompt injection in SKILL.md, .cursorrules, CLAUDE.md

Iron Dome

Behavioural security layer that controls what agents can do:

  • Security Profilesschool, enterprise, personal, paranoid — each with tailored action gates and trust levels
  • Action Gates — gate dangerous actions (send_email, delete_file, api_call) requiring approval before execution
  • Injection Scanning — scan any text for prompt injection patterns with severity and category
  • Full Audit Trail — every action check is logged for forensic review

Universal Memory Bridge

Guard any memory backend with the defence pipeline — not just ShieldCortex's built-in storage. The bridge wraps your existing memory system with the full 6-layer security pipeline. It does not require any credentials or API keys — all processing is local.

import { ShieldCortexGuardedMemoryBridge, MarkdownMemoryBackend } from 'shieldcortex';

const bridge = new ShieldCortexGuardedMemoryBridge({
  backend: new MarkdownMemoryBackend('~/.my-memories/'),
});

Built-in backends: MarkdownMemoryBackend, OpenClawMarkdownBackend. Implement the backend interface for custom storage. No credentials are needed for the bridge — it runs entirely locally using the same SQLite + local embeddings as the core package.

ShieldCortex Cloud (Optional)

Sync audit data to a team dashboard for cross-project visibility. Cloud is entirely optional and disabled by default. No data leaves your machine unless you explicitly configure cloud sync with your own API key:

shieldcortex config set-api-key <your-key>

Free local package is unlimited. Cloud adds team dashboards, audit aggregation, and alerts. Cloud credentials are never required for any local functionality — the full memory system, defence pipeline, knowledge graph, and Iron Dome all work without any API key or account.

Links

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

Cortex Engine

Persistent cognitive memory for AI agents — query, record, review, and consolidate knowledge across sessions with spreading activation, FSRS scheduling, and...

Registry SourceRecently Updated
00
idapixl
Research

MindClaw

Structured long-term memory for AI agents with fact curation, conflict detection, importance scoring, timeline reconstruction, and OpenClaw integration.

Registry SourceRecently Updated
1162
Profile unavailable
Research

graphthulhu

Knowledge graph MCP server for Logseq and Obsidian. 37 tools for reading, writing, searching, and analyzing your second brain.

Registry SourceRecently Updated
0271
Profile unavailable