v1.0.0

Digital IP Agent

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:09 AM.

Analysis

Review before installing: this instruction-only skill is designed to turn real public creators into deployable agents without clear unofficial/consent disclaimers, and it suggests persistent-memory and broad tool add-ons.

GuidanceInstall only if you are comfortable generating creator-inspired agents and will add clear safeguards: label outputs as unofficial unless authorized, avoid claiming the agent is the real person, review legal/consent implications, and separately vet any recommended memory, browser automation, search, or code-execution tools before enabling them.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

Turn a public creator, blogger, podcaster, YouTuber, or X/Twitter personality into a deployable OpenClaw agent... "clone this creator's style"... `identity.md` ... Who I am ... Background and credibility markers

The skill explicitly creates deployable agents modeled on real public figures and asks for first-person identity and credibility material, but does not require clear unofficial, parody, authorization, or consent boundaries.

User impactA generated agent could be mistaken for the real creator or an authorized digital twin, causing users to place misplaced trust in its statements or recommendations.

RecommendationRequire generated packages to state that they are unofficial/style-inspired unless verified authorization exists, avoid claiming to be the actual creator, and include consent, attribution, and impersonation safeguards.

Tool Misuse and Exploitation

SeverityLowConfidenceHighStatusNote

references/skills-catalog.md

open-interpreter | https://github.com/openinterpreter/open-interpreter | Code execution ... browser-use | https://github.com/browser-use/browser-use | Browser automation ... Technical creator ... must_have: ... open-interpreter

The skill does not execute these tools, but its recommended stack can include broad code-execution and browser-automation capabilities that exceed simple persona generation.

User impactIf a user follows the recommendations and installs those add-ons, the resulting agent may gain powerful automation abilities that should be separately scoped and approved.

RecommendationTreat recommended tools as optional and review each one independently, especially tools that can execute code, automate browsers, or access external accounts.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

references/skills-catalog.md

`memory-long` | Long-term memory across sessions | All creator types ... user_memory: enabled ... session_memory: enabled ... cross_session_memory: true

The catalog recommends persistent memory for created agents. This is purpose-aligned for persona consistency, but it implies retained user/session context without describing retention limits or review controls.

User impactIf these recommendations are used, the deployed agent may remember information across sessions, including potentially sensitive user interactions.

RecommendationBefore enabling memory, define what may be stored, how long it is retained, how users can inspect or delete it, and whether creator-style information should be separated from user memory.