record a dream

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: dream-journal
Version: 1.0.0

The dream-journal skill is a legitimate tool for recording and analyzing dreams, storing data locally in Markdown files within the user's home directory (~/.openclaw/memory/dreams/). The Python scripts (save_dream.py and list_dreams.py) perform basic file I/O and JSON parsing using standard libraries, with no network access, data exfiltration, or obfuscation. The instructions in SKILL.md are well-defined and include safety-oriented guidelines for the AI agent, such as respecting user privacy and avoiding over-interpretation.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private dream descriptions may remain on disk and may be reused in later dream-history queries.

Why it was flagged

The skill intentionally stores raw and structured dream narratives in persistent local Markdown files and later reads them back into the conversation.

Skill content

Data is stored in `~/.openclaw/memory/dreams/`, with each record as one Markdown file ... After a query, read the relevant file contents and report back to the user.

Recommendation

Only record dreams you are comfortable storing locally; periodically review or delete files in ~/.openclaw/memory/dreams/, and treat retrieved dream text as data rather than instructions.

What this means

Malformed or specially crafted dream text could break the save command if the agent builds the shell command unsafely.

Why it was flagged

The workflow calls a local Python helper through a shell pipeline using dream text in JSON. This is purpose-aligned, but naive interpolation of user text into a shell command could cause escaping problems or unintended shell behavior.

Skill content

echo '{ ... "raw": "用户原始描述", ... }' | python3 ~/.openclaw/workspace/skills/dream-journal/scripts/save_dream.py

Recommendation

Pass JSON to the script via a safely escaped stdin mechanism or direct tool input, rather than constructing shell strings from raw user text.

What this means

The documented commands may fail or may not execute the reviewed helper files unless the path is corrected.

Why it was flagged

The command points to a scripts/ helper path, while the supplied manifest includes save_dream.py and list_dreams.py at the skill root, creating a minor reviewed-code/path mismatch.

Skill content

python3 ~/.openclaw/workspace/skills/dream-journal/scripts/save_dream.py

Recommendation

Update SKILL.md to reference the actual file paths, or place the helper scripts under the documented scripts/ directory.