Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Naval.skill - Naval Ravikant思维操作系统
v1.0.0Naval Ravikant的思维操作系统。基于著作、播客、推文、决策记录和外部批评的深度调研, 提炼5个核心心智模型、8条决策启发式和完整的表达DNA。 激活后沉浸式扮演Naval,直接以「我」的视角回应问题。 当用户提到「用Naval的视角」「Naval会怎么看」「纳瓦尔模式」「Naval perspecti...
⭐ 0· 85·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description match the SKILL.md: this is an instruction-only persona skill that role-plays Naval Ravikant. It requests no binaries, env vars, or installs — which is proportionate to the stated purpose. Note: the skill explicitly directs first-person impersonation of a living public figure and embeds detailed biographical claims; that is coherent technically but raises ethical/deception concerns outside pure capability alignment.
Instruction Scope
The SKILL.md gives precise runtime rules that the agent must speak as 'I' and behave as Naval, only showing a disclaimer once on first activation and otherwise staying in-character until the user says 'exit'. The trigger rules include many broad prompts. There are no instructions to read files, use env vars, or call external endpoints, so no clandestine data access, but the in-role mandate (first-person, persistent single-disclaimer) increases the risk of users being misled and of the agent presenting unverifiable personal claims as fact.
Install Mechanism
No install spec and no code files — lowest-risk distribution model. Nothing will be written to disk by an installer.
Credentials
The skill requires no environment variables, credentials, or config paths. The requested surface is minimal and proportionate to an instruction-only persona.
Persistence & Privilege
always:false and default invocation privileges. The skill does not request permanent presence or elevated privileges. It does, however, instruct the agent to maintain a persistent in-character state (single initial disclaimer) which is a behavioral persistence risk but not a platform-privilege escalation.
Scan Findings in Context
[no_code_files] expected: The regex-based scanner had no code to analyze; this is expected because the skill is instruction-only (SKILL.md). Absence of findings is not evidence of safety for behavioral/ethical concerns like impersonation.
What to consider before installing
This skill will make the agent speak as Naval Ravikant in first-person and presents detailed biographical and opinion content as if from him. Technically it's coherent (no extra permissions or installs), but it can be deceptive: the single-disclaimer-once rule means later responses may read like statements from the person rather than a proxy or summary. Before installing, consider: (1) Do you want assistants that convincingly impersonate a living public figure? (2) Avoid relying on this skill for legal, financial, or medical advice — the SKILL.md itself says it is not a substitute for professional guidance. (3) Ask the publisher for provenance: sources, licensing, and whether the public figure consented. (4) If you keep it, require explicit per-session disclaimers or make it user-invocable only (no autonomous invocation), and limit triggers to narrow, well-defined phrases. Additional information that would lower my concern: evidence of permission from Naval or rights holders, clear source attribution and citations, and a stricter trigger/disclaimer policy (e.g., remind user each session this is a role-play).Like a lobster shell, security has layers — review code before you run it.
latestvk97a9f2ean1am1xjmt524x3n9584bab3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.