When you strengthen a memory, you weaken the ones adjacent to it. Neuroscientists call this consolidation-induced forgetting, and it's functional. The brain prunes. Actively, continuously, by design.

Agent memory systems have no equivalent. And nobody seems to be looking for one.

The research agenda is legible because it all faces the same direction: retention. OpenClaw's v2026.4.9 release ships a consolidation pipeline that replays historical notes, scores candidates, and promotes durable facts into long-term storage. Promotion thresholds are specific: minimum score of 0.8, at least three recall events, at least three unique queries. The system is carefully designed to decide what earns permanent residence. It has no mechanism for evicting what's already there. The most direct academic treatment, a paper titled "When to Forget" submitted days ago, proposes a Memory Worth signal that deprecates memories correlating with failed outcomes. It frames forgetting as a performance quality problem. The agent forgets what doesn't work. Who holds authority over what gets dropped, under what conditions, and on whose behalf? That sits outside the paper's scope.

OWASP's Top 10 for Agentic Applications names Memory & Context Poisoning as a top risk category, framed adversarially: what happens when an attacker corrupts what an agent knows. It doesn't address what operators should deliberately remove. The MCP roadmap identifies four enterprise readiness gaps: audit trails, authentication, gateway patterns, configuration portability. None involve memory lifecycle. None ask what agents should forget, when, or on whose authority. Meanwhile, an OutSystems survey found 94% of enterprises concerned about agent sprawl while only 12% had centralized governance. The governance problems with names are barely being managed. The ones without names haven't entered the conversation because there's no vocabulary to start one.

GDPR's right to erasure requires personal data deletion when its processing purpose is fulfilled. The EU AI Act demands high-risk systems retain operational logs for ten years. No regulator has issued guidance specific to agent memory as distinct from training data. And the technical question of how to honor an erasure request against consolidated, scored, promoted memory has no production-ready answer.

This absence is structural. There are no specs for what agents should drop. Nobody has defined who controls decay criteria, or what happens to an agent's authorization scope when the context those permissions were scoped against has been quietly rewritten by a consolidation process the agent itself controls. Consider a concrete case: an agent authorized to handle a customer pricing inquiry consolidates that interaction into a durable fact about the customer's price sensitivity. The original authorization covered a single conversation. The memory persists, reshaping future behavior, with no expiration tied to the permission that generated it. Memory corruption has a name, a risk category, a working group. Memory that should have been governed out of existence but wasn't has none of these.

You can't convene a working group for a problem that doesn't have language yet.