OpenBrain Memory Provenance for OpenClaw: 4 Labels That Make Agent Recall Trustworthy
OpenBrain's memory provenance system tags every recalled fact as observed, inferred, confirmed, or imported. Here's why that changes agent reliability.
Four Labels That Separate Trustworthy Agent Memory from Confident Nonsense
OpenBrain’s memory provenance system ships with exactly four labels: observed from source, inferred by model, confirmed by user, imported from transcript. That’s the whole taxonomy. Four labels sounds almost trivially simple — until you’ve watched an agent confidently cite something it hallucinated three sessions ago as if it were a documented project decision.
The problem isn’t that agents forget. It’s that they remember wrong, and they do it with the same tone they use when they remember right. Provenance labels are the mechanism that breaks that equivalence.
This post is about why those four labels matter, how to wire them into your OpenClaw setup using the OpenBrain recipes, and what you should expect to go wrong the first time you try.
Why “the agent remembers things” isn’t good enough
When OpenClaw was primarily a demo — an agent that opens a browser, sends a message, buys a car — memory was mostly a personalization layer. The bot remembers you like TypeScript. Delightful. Slightly creepy. Fine.
Once OpenClaw matures into what it’s become in April 2026 — a runtime with task flows, durable multi-step orchestration, state and revision tracking, sub-agents that report back reliably — the memory requirements change completely. You’re not storing preferences anymore. You’re storing operational context: project conventions, architectural decisions, prior failures, unresolved questions, which files are risky, which tests catch regressions.
One coffee. One working app.
You bring the idea. Remy manages the project.
That kind of memory has a trust problem that preference memory doesn’t. If the agent incorrectly remembers that you prefer dark mode, the cost is a UI annoyance. If the agent incorrectly remembers that the team decided to deprecate the auth service, and acts on that during an incident response workflow, the cost is a production outage.
The question you need to answer for every piece of stored memory is: how did this get here, and how confident should I be in it?
That’s what provenance labels answer. And it’s why the OpenBrain personal AI memory database approach — user-owned, structured, queryable — is the right substrate for serious agent work rather than a chat transcript or a pile of markdown files.
What you need before you start
Before wiring up provenance-labeled memory, you need a few things in place.
An OpenClaw installation with task flow enabled. The memory provenance recipes are designed for serious workflows, not one-shot prompts. Task flow is OpenClaw’s orchestration layer above background tasks — it manages durable multi-step flows with their own state and revision tracking. If you’re still running OpenClaw as a simple chat agent, the provenance system will work but you’ll only see its value once you have multi-step loops running.
An OpenBrain setup. OpenBrain is a Supabase-based personal memory database connected to your agent via MCP. The OpenBrain GitHub repo now contains three recipes relevant here: the code review memory recipe, the task flow worklog recipe, and the memory provenance recipe. You want all three, but start with the provenance recipe — it’s the schema that makes the other two useful.
A provider manifest configured. This matters more than it sounds. OpenClaw’s provider manifest lets you swap the model brain at runtime without rebuilding the workflow. The provenance system is specifically designed for a brain-swappable world — memory that lives outside any single model, tagged in a way that any model can interpret correctly. If your workflow is still hardwired to one provider, you’re not getting the full benefit. The supported providers now include GPT-5.5 via Codex, the Claude API, Gemini, DeepSeek, Open Router, Ollama, LM Studio, and Gemma 4.
A clear workflow to instrument. Pick one workflow that already runs reliably. Code review, email triage, incident response — something with multiple steps and a history of runs. Don’t try to add provenance to everything at once.
Wiring in the four labels
Step 1: Install the memory provenance schema
Pull the memory provenance recipe from the OpenBrain GitHub repo. The schema adds a provenance field to every memory record with an enum of four values: observed_from_source, inferred_by_model, confirmed_by_user, imported_from_transcript.
It also adds three supporting fields: source_channel (where the memory came from — Slack, GitHub, a transcript file, a direct user message), model_used (which model wrote this memory entry), and confidence (a 0–1 float, primarily relevant for inferred memories).
Run the migration against your Supabase instance. The migration is non-destructive — it adds columns to existing memory tables rather than replacing them. Now you have a schema that can hold provenance-rich memory.
Step 2: Update your write-back prompts
Every place your agent writes to memory needs to be updated to include a provenance label. This is the step most people skip, and it’s why their provenance system ends up with everything labeled inferred_by_model by default.
Everyone else built a construction worker.
We built the contractor.
One file at a time.
UI, API, database, deploy.
The rule of thumb:
- If the agent read something from a file, a PR, a log, a dashboard, or any external source and is storing what it found:
observed_from_source. Include the source URL or file path insource_channel. - If the agent drew a conclusion from multiple observations — “based on the last three incidents, the auth service is the likely failure point” — that’s
inferred_by_model. Setconfidencebelow 0.8 unless the inference is very direct. - If a human explicitly told the agent something, confirmed a fact, or approved a draft:
confirmed_by_user. This is the highest-trust label. Treat it as instruction-grade. - If the memory came from importing a meeting transcript, a document, or a historical log file:
imported_from_transcript. This is distinct fromobserved_from_sourcebecause the source is a human-generated record rather than a live system state.
Write these rules into your agent’s system prompt for the memory write-back step. Be explicit. Models will default to vague labeling if you don’t constrain them.
Now you have a memory store where every entry carries a label that tells you how it got there.
Step 3: Update your retrieval prompts
Provenance labels are useless if retrieval ignores them. Update your pre-task retrieval prompt to filter and weight by provenance.
A practical pattern: retrieve all confirmed_by_user memories unconditionally — these are your ground truth. Retrieve observed_from_source memories with a recency filter (observations go stale; a deployment history from six months ago is less relevant than last week’s). Retrieve inferred_by_model memories with an explicit caveat injected into context: “The following are model inferences, not confirmed facts. Treat them as hypotheses.” Retrieve imported_from_transcript memories with a staleness check — transcripts are often historical and may not reflect current state.
This changes what the agent does with memory. Instead of treating all recalled context as equally authoritative, it knows which facts to act on directly and which to verify first.
Now you have retrieval that’s calibrated to trust level, not just relevance.
Step 4: Instrument the task flow worklog
The task flow worklog recipe records what a long-running agent attempted, what changed, what blocked it, and what the next agent should know. With provenance labels in place, the worklog becomes significantly more useful — each entry in the log carries a label indicating whether the recorded outcome was directly observed, inferred, or confirmed.
This matters especially for the incident response pattern. When your OpenClaw workflow is pulling from logs, dashboards, Slack, GitHub, runbooks, and deployment history simultaneously, the worklog needs to distinguish between “we observed the auth service throwing 502s at 14:32” (observed) and “we believe the root cause is the config change deployed at 14:15” (inferred). Those are different kinds of claims and they should be treated differently in the postmortem.
Wire the worklog recipe to write an entry at each task boundary. Include the provenance label, the model that ran the step, and the source channel. Now you have an auditable record of what happened and how confident the system was at each step.
Step 5: Add the code review memory recipe
The code review memory recipe stores reusable lessons from PRs: which files are risky, which tests catch regressions, architectural decisions, style preferences, the “we tried this and it broke staging” lessons that every real codebase accumulates.
With provenance labels, each lesson is tagged. A lesson extracted from a PR comment is observed_from_source. A pattern the agent inferred across multiple PRs is inferred_by_model. A convention that a team member explicitly confirmed is confirmed_by_user.
When the agent reviews the next PR, it retrieves these lessons with their provenance intact. It treats confirmed conventions as rules. It treats inferred patterns as suggestions worth checking. It treats observations as data points.
Now you have a code review memory that gets more useful over time without becoming an unaccountable pile of model-generated assertions.
Where this breaks
The labeling drifts. The most common failure mode is that the agent starts labeling everything observed_from_source because that’s the highest-confidence label and models have a bias toward appearing confident. Fix this by adding explicit examples to your write-back prompt — one example of each label, with the reasoning for why it got that label. Few-shot beats instruction-only here.
Confirmed memories become stale. confirmed_by_user is the highest-trust label, but humans change their minds. A convention confirmed six months ago may have been superseded. Add a confirmed_at timestamp to every confirmed memory and build a periodic review step that surfaces confirmed memories older than 90 days for re-confirmation. The OpenBrain memory wiki pattern supports this — it’s designed for active memory with provenance-rich recall, not a static archive.
The confidence float gets ignored. If you set confidence on inferred memories but your retrieval prompt doesn’t use it, you’ve added noise without adding signal. Make sure your retrieval prompt explicitly filters out inferences below a threshold (0.5 is a reasonable starting point) for high-stakes steps.
Provider switching breaks the labeling. When you swap the model brain via the OpenClaw provider manifest — moving from Claude API to GPT-5.5 via Codex, or routing a classification step to a local Gemma 4 instance — the new model needs the same write-back instructions. If your provenance labeling prompt lives only in a provider-specific system prompt, it won’t survive the swap. Put the provenance rules in the workflow-level memory write-back step, not in the model-level system prompt.
Transcript imports get mislabeled. Teams often import historical documents — old postmortems, meeting notes, architecture decision records — and the agent labels them observed_from_source because it “read” them. These should be imported_from_transcript. The distinction matters because transcript content is a human record of what happened, not a live observation of system state. Add an explicit check in your import pipeline.
Where to take this further
The provenance system is most valuable when it’s connected to the full OpenClaw memory stack: the memory wiki for structured project knowledge, active memory for in-session context, and the task flow worklog for cross-session continuity. If you’ve only instrumented one of these, the labels are useful but incomplete.
Remy doesn't build the plumbing. It inherits it.
Other agents wire up auth, databases, models, and integrations from scratch every time you ask them to build something.
Remy ships with all of it from MindStudio — so every cycle goes into the app you actually want.
The next layer is routing decisions based on provenance. If you’re running a multi-model workflow — a local Gemma 4 model for cheap background classification, GPT-5.5 via Codex for hard implementation work, Claude API for high-judgment architectural review — you can use provenance labels to decide which model handles which retrieval. Confirmed memories can be passed to cheaper models safely. Inferred memories with low confidence should go to the model with the best reasoning capability for that domain.
If you’re building workflows that need to survive model churn — and after April 2026, every serious OpenClaw builder should be — the provenance system is what makes that possible. Memory that lives outside any single model, labeled in a way any model can interpret, is the architecture that lets you swap brains without losing continuity. Platforms like MindStudio take a similar philosophy to the orchestration layer: 200+ models, 1,000+ integrations, and a visual builder for chaining agents and workflows, so the runtime stays stable while the underlying models change.
The OpenClaw best practices from power users cover a lot of the workflow configuration that makes this memory system actually run — model routing, sub-agent setup, cron scheduling. Worth reading alongside the provenance recipes.
For the code review use case specifically, the Claude Code memory architecture post covers how Claude Code’s own self-healing memory system uses a pointer index pattern — a useful reference when you’re designing how your provenance-labeled memories get indexed and retrieved.
If you’re building the full-stack application layer on top of these workflows — turning agent outputs into persistent records, dashboards, or user-facing tools — Remy is worth a look. You write the application as an annotated spec in markdown, and it compiles into a complete TypeScript backend, SQLite database, frontend, auth, and deployment. The spec is the source of truth; the code is derived output. That’s a natural fit when your agent is generating structured, provenance-labeled data that needs to surface somewhere useful.
The Hermes agent framework has been doing something similar with cross-session memory for a while — the Hermes vs OpenClaw comparison is useful context if you’re evaluating whether to build on OpenClaw’s memory system or Hermes’s built-in learning loop.
The four labels are simple. The discipline to apply them consistently is not. But once you have a memory store where every entry carries a clear account of how it got there, the agent stops being a system that confidently makes things up and starts being a system you can actually trust with real work.
That’s the line worth drawing.
