Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
HolySpiritOS
v0.1.1A Christian alignment layer for AI agents.
⭐ 2· 4.7k·0 current·1 all-time
byMax Sikorski@maxsikorski
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
Name/description (Christian alignment layer) aligns with the actual behavior: it downloads KJV JSON and appends alignment directives to the agent's soul.md. Requesting write access to the agent config is proportionate to the stated purpose.
Instruction Scope
SKILL.md, README.md, and scripts disagree about file locations and behavior: SKILL.md/README claim ~/.openclaw/soul.md and ~/.openclaw/foundation/, install.sh writes to ~/.openclaw/workspace/foundation and ~/.openclaw/config/soul.md, and uninstall.sh removes ~/.openclaw/foundation and attempts to restore ~/.openclaw/soul.md from a backup. The installer claims an automatic backup is created, but install.sh does not create any backup file. These inconsistencies can leave orphaned files or prevent clean uninstallation.
Install Mechanism
No formal install spec in registry (instruction-only). The provided install.sh downloads JSON from raw.githubusercontent.com (a well-known release host) using wget — expected for populating local data. The README / SKILL.md also suggest curl|bash for install/uninstall which fetches remote scripts; fetching remote scripts is common but raises the usual risk of remote code execution if you don't audit the script first.
Credentials
The skill requests no credentials or env vars. It only needs filesystem write access to the agent config, which is consistent with its goal.
Persistence & Privilege
The skill modifies the agent's configuration (soul.md) and places a foundation JSON locally — this is persistent by design and appropriate for an alignment layer. However, because the installer does not actually create the promised backup and uninstall removes a different path, persistence may be harder to undo than described.
What to consider before installing
What to consider before installing:
- Audit the scripts first. Do not run curl | bash blindly. Inspect install.sh and uninstall.sh locally (they are included) and confirm they do exactly what you expect.
- Pay attention to the path mismatches: SKILL.md/README refer to ~/.openclaw/soul.md and ~/.openclaw/foundation/, but install.sh writes to ~/.openclaw/config/soul.md and ~/.openclaw/workspace/foundation. Uninstall.sh removes ~/.openclaw/foundation and tries to restore ~/.openclaw/soul.md.bak — but install.sh does not create that backup. This means uninstall may not restore your original configuration.
- Make manual backups before running install.sh: copy your existing soul.md (wherever it actually lives on your system) and any foundation dirs. Do this even if the skill claims to back up — the script does not.
- If you want the scripture files only, consider manually placing the JSON files into your intended path rather than running the installer. The package already contains the JSON files; compare them with the ones the script would download.
- Confirm presence of required utilities (wget is used by the script). If your system lacks wget, the install may fail in unexpected ways.
- Consider testing in a disposable environment or VM first so you can verify install/uninstall behavior without risking your primary agent configuration.
Overall: the functionality itself is coherent with the described purpose, but the scripting/documentation inconsistencies and the absent backup behavior are significant and make this package suspicious until you verify/adjust the scripts and create your own backups.Like a lobster shell, security has layers — review code before you run it.
latestvk97f1e9s0vr88rj7d767ym5v8h80wkjg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.