Pre-submission checklist
Bug Description
When @memtensor/memos-local-openclaw-plugin is used as the OpenClaw memory slot, cron runs can be contaminated by prior meta-discussion about the cron itself.
The plugin performs auto-recall in before_agent_start for every turn. For cron runs, it uses the cron prompt as the recall query, which causes it to retrieve previous conversations about prompt tuning, policy changes, debugging, and rerun requests for that same cron job.
Those recalled memories are then injected back into the scheduled run as system context, so the cron output drifts away from the actual task and starts replying with unrelated meta-discussion.
Observed effects include:
- cron output says things like “I already changed the cron”
- output summarizes previous human discussions about task policy
- output mentions rerun/debugging status instead of only executing the scheduled task
- session logs contain injected memory blocks beginning with:
## User's conversation history (from memory system)
This is especially harmful for autonomous scheduled jobs because it changes task semantics.
How to Reproduce
- Install and enable
@memtensor/memos-local-openclaw-plugin as the OpenClaw memory slot.
- Create an OpenClaw cron job with a stable name and repeated scheduled runs.
- Run the cron normally at least once.
- In regular chat, discuss this cron job several times, for example:
- ask why its output is wrong
- ask to rewrite its prompt or policy
- discuss whether it should trade or not trade
- ask for reruns, debugging, or cron body changes
- Let the cron run again.
- Observe that the cron output begins to include prior meta-discussion instead of only the intended scheduled task output.
A representative session key pattern is:
Relevant observations during reproduction:
- runtime logs showed auto-recall queries derived from the cron prompt itself
- session logs showed injected memory blocks starting with:
## User's conversation history (from memory system)
- disabling the plugin and resetting the cron session immediately stopped the contamination
Environment
- Repository:
MemTensor/MemOS
- Plugin package:
@memtensor/memos-local-openclaw-plugin
- Plugin version:
1.0.3
- OpenClaw version:
v2026.3.11
- Node.js runtime observed in gateway logs:
v22.20.0
- Deployment: self-hosted OpenClaw gateway on Linux via
systemd --user
- Plugin role: configured as the OpenClaw memory slot
- OpenClaw built-in memory search: disabled
Additional Context
This appears to be in the same problem family as existing issues/PRs around auto-recall and injected prompt contamination, but I could not find one specific to cron sessions.
From local investigation, the root cause appears to be:
- auto-recall runs for cron turns without any cron/session exclusion
- the recall query is built from the cron prompt itself
- the cron uses a stable session key namespace like
agent:main:cron:*
- prior meta-discussion about the cron becomes highly retrievable and is injected back into later runs
Suggested fixes:
- skip auto-recall by default for cron sessions, e.g.
agent:*:cron:*
- or add config such as:
autoRecall.excludeCron = true
autoRecall.excludeSessionKeyPrefixes
- or avoid using full cron prompts as recall queries
- or suppress recall of memories that are clearly meta-discussion about the current cron/job itself
Willingness to Implement
Pre-submission checklist
Bug Description
When
@memtensor/memos-local-openclaw-pluginis used as the OpenClaw memory slot, cron runs can be contaminated by prior meta-discussion about the cron itself.The plugin performs auto-recall in
before_agent_startfor every turn. For cron runs, it uses the cron prompt as the recall query, which causes it to retrieve previous conversations about prompt tuning, policy changes, debugging, and rerun requests for that same cron job.Those recalled memories are then injected back into the scheduled run as system context, so the cron output drifts away from the actual task and starts replying with unrelated meta-discussion.
Observed effects include:
## User's conversation history (from memory system)This is especially harmful for autonomous scheduled jobs because it changes task semantics.
How to Reproduce
@memtensor/memos-local-openclaw-pluginas the OpenClaw memory slot.A representative session key pattern is:
agent:main:cron:<jobId>Relevant observations during reproduction:
## User's conversation history (from memory system)Environment
MemTensor/MemOS@memtensor/memos-local-openclaw-plugin1.0.3v2026.3.11v22.20.0systemd --userAdditional Context
This appears to be in the same problem family as existing issues/PRs around auto-recall and injected prompt contamination, but I could not find one specific to cron sessions.
From local investigation, the root cause appears to be:
agent:main:cron:*Suggested fixes:
agent:*:cron:*autoRecall.excludeCron = trueautoRecall.excludeSessionKeyPrefixesWillingness to Implement