Skill v1.0.1

ClawScan security

Dr. Frankenstein · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 20, 2026, 5:49 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requirements and instructions are internally consistent with its stated purpose (creating scheduled 'hormonal' behaviors and a parentality preview); it asks the agent to read and write local agent files and generate cron jobs but does not request unrelated credentials or install external code.
Guidance
This skill is coherent with its stated goal: it personalizes an agent by reading local agent files, producing a hormone profile, and emitting cron job prompts. Before installing or enabling it, consider: 1) the skill will read SOUL.md, USER.md, MEMORY.md and memory/ — those files can contain private user information, so review them if you care about privacy; 2) the skill will suggest cron jobs and message prompts that, when applied, will cause autonomous, persistent behavior (regular messages to humans/other agents, journaling to disk). If you want to proceed, review the generated prescription carefully before executing any cron-install commands (especially any that would modify token budgets, send messages, or change permissions). If you are uncomfortable with automated outbound messaging or persistent crons, run the interview and prescription generation in a dry-run/isolated environment and apply changes manually after inspection.

Review Dimensions

Purpose & Capability
ok: Name/description promise (injecting 'hormonal' cron jobs and a parentality preview) matches what the SKILL.md, templates, schemas, and the included parentality engine script actually do: run a conversational interview, compute a hormone/profile JSON, and produce cron job prompts and parenting suggestions. There are no unrelated required binaries, env vars, or external installers requested.
Instruction Scope
note: SKILL.md explicitly instructs the agent to read local agent files (SOUL.md, USER.md, MEMORY.md, memory/). It also instructs generation of cron prompts and to write logs into memory/dreams and memory/journal paths, and to message humans/contacts. These file reads/writes and outbound messaging are consistent with personalization and scheduled behavior but are privacy-sensitive and will give the skill access to any content in those agent files. The skill does not instruct reading unrelated system paths or secrets.
Install Mechanism
ok: Instruction-only skill with one included Python utility; there is no install spec or remote download. The README suggests a git clone into the user's OpenClaw workspace — that is a manual installation step and not an automated remote install by the skill. No URLs that would trigger arbitrary code execution were specified by an install step.
Credentials
ok: The skill requests no environment variables or credentials. Some features (parentality token budget/top-up suggestions) imply the agent or a human may need to change resource quotas or permissions, but the skill itself does not request cloud keys or secrets. That is proportionate to the declared functionality; however, acting on token-topup suggestions would require separate privileged actions outside the skill.
Persistence & Privilege
note: The skill produces persistent artifacts conceptually (cron job definitions and ongoing 'pills' that run on schedules). The registry flags show always:false and normal autonomous invocation. Because cron jobs cause repeated autonomous behavior and outbound messages, installing/activating the prescription will create persistent, autonomous activity in the agent environment — that is expected for this skill but something to be aware of before enabling.