Mar 8, 2026

What NOT to Store in MemoClaw — Security and Privacy Best Practices

MemoClaw is good at one thing: giving your agent searchable, persistent memory. But “persistent” means it sticks around, and “searchable” means it gets surfaced. Both of those properties become problems when you store the wrong things.

Here’s what to keep out and why.

Secrets and credentials

This should be obvious but I’ll say it anyway: do not store API keys, passwords, tokens, or wallet private keys in MemoClaw. Memories are tied to your wallet address. MemoClaw is a memory service, not a vault.

If your agent needs to reference credentials, store a pointer: “API key for Stripe is in the .env file” instead of the actual key.

# Don't do this
memoclaw store --text "Stripe API key: sk_live_abc123..."

# Do this instead
memoclaw store --text "Stripe credentials are in ~/project/.env. Last rotated March 2026."

Large documents

Each memory has an 8,192 character limit. That’s roughly 1,500 words. If you’re trying to store an entire README, a full article, or a long conversation transcript, it won’t fit and it shouldn’t.

MemoClaw is memory, not document storage. Store the takeaways, not the source material.

# Don't do this
memoclaw store --text "[entire 5000-word meeting transcript]"

# Do this instead
memoclaw store \
  --text "March standup: API migration on track for Friday. Backend team blocked on the auth refactor. Sarah taking over the docs rewrite." \
  --importance 0.6 \
  --tags "meeting,standup"

If you need full document retrieval, look at a RAG setup. MemoClaw handles the “what does my agent need to remember” part, not the “search across my entire document library” part.

Temporary or rapidly changing data

Storing today’s weather, current stock prices, or live API responses creates stale memories that pollute future recalls. If the information has a shelf life of hours, it doesn’t belong in long-term memory.

# Don't do this
memoclaw store --text "BTC price is $67,432 as of 3pm UTC"

# Do this instead (if you must track it)
memoclaw store \
  --text "User tracks BTC price daily. Prefers alerts when it moves more than 5% in either direction." \
  --importance 0.7 \
  --tags "preferences,crypto"

Store the pattern, not the data point.

Duplicates and near-duplicates

MemoClaw doesn’t deduplicate automatically. If your agent stores “user prefers dark mode” every session, you’ll end up with 30 copies of the same memory all competing for recall slots.

Before storing, do a quick recall to check if you already have it:

# Check first
memoclaw recall --query "user display preferences" --limit 3

# Only store if it's genuinely new or corrects something

If you’re building this into an agent workflow, add a simple check: recall before you store. If the top result already says what you’re about to store, skip it.

Opinions presented as facts

This one’s subtle. When your agent stores “React is better than Vue for this project,” that’s an opinion from one session’s context. Three months later, a different task might surface that memory as if it’s settled truth.

Be specific about context and framing:

# Vague and will age badly
memoclaw store --text "React is the best choice for frontend work"

# Specific and honest
memoclaw store \
  --text "Chose React for the dashboard project (March 2026) because the team already knows it and the component library matches the design system." \
  --tags "decisions,dashboard" \
  --importance 0.6

Decisions with context age better than blanket statements.

PII you don’t need

If your agent interacts with multiple people, be careful about storing personal information. Full names, addresses, phone numbers, email addresses, these should only be stored if the agent genuinely needs them for its work.

Ask: “Will my agent need to recall this specific piece of personal info?” If not, leave it out. Leaner memory means better recall accuracy and fewer privacy concerns.

The general rule

Before storing anything, ask two questions:

Will my agent need to recall this in a future session? If it’s only relevant right now, don’t store it.
Would I be comfortable if this surfaced unexpectedly? If the answer makes you nervous, don’t store it.

MemoClaw works best when memories are concise, contextual, and genuinely useful. Treating it like a junk drawer defeats the point of semantic search. The more focused your memories are, the better your recalls get.

Get started with npm install -g memoclaw or install the MemoClaw skill on ClawHub. 100 free calls per wallet.