v2.0.0

Persona Forge

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 7:38 AM.

Analysis

Persona Forge appears to be a local logging/export tool for persona notes, with no evidence of network access, credential use, or destructive behavior, though it stores entries persistently and its setup/description are somewhat under-declared.

GuidanceBefore installing, understand that this appears to be a local logging tool for persona-related text, not a full character-generation engine. Avoid entering private information you do not want saved under ~/.local/share/persona-forge/, and confirm how the included Bash script is installed or invoked as the `persona-forge` command.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities

SeverityInfoConfidenceMediumStatusNote

metadata

No install spec — this is an instruction-only skill. ... Code file presence: scripts/script.sh

The registry framing says there is no install mechanism, while the artifact set includes a shell script and the documentation expects a `persona-forge` command. This is an incomplete/under-declared setup contract, but the provided script content aligns with local logging behavior.

User impactA user may need to understand how the included shell script becomes the documented command before relying on the skill.

RecommendationConfirm the expected install or invocation method and review the included script before wiring it into an agent workflow.

Human-Agent Trust Exploitation

SeverityInfoConfidenceHighStatusNote

SKILL.md

Character creator with profiles, backstories, personality traits, relationships, character arcs. ... When called with input, it records a new timestamped entry.

The headline description suggests character creation, while the operational description says commands primarily record and display log entries. This looks like a capability/expectation mismatch rather than harmful deception.

User impactUsers may expect the skill to generate complete characters, but the artifacts show it mainly stores and organizes text that the user or agent provides.

RecommendationTreat the skill as a local persona note tracker/exporter unless additional artifacts clearly provide actual generation logic.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

All data is stored locally in `~/.local/share/persona-forge/` ... `history.log` records all write operations ... `search <term>`| Search across all log entries

The skill explicitly stores user-provided persona entries in persistent local logs and later retrieves or exports them. This is expected for the stated local logging workflow, but persistent user text can contain private character notes or prompts.

User impactPersona ideas, names, backstories, traits, and prompts entered into the tool may remain on disk and appear in future searches, recent-history views, or exports.

RecommendationUse it for non-sensitive persona data, review exported files before sharing them, and delete ~/.local/share/persona-forge/ if you want to clear stored entries.