Company Brain Core OS
Pass
Audited by VirusTotal on May 9, 2026.
Overview
Type: OpenClaw Skill
Name: company-brain-os
Version: 1.1.2
The bundle provides a local knowledge base system, but its installation process involves high-risk behaviors. The `install.sh` script uses a `curl | bash` pattern to install the Bun runtime and performs a `git clone` from a remote GitHub repository followed by `pip install`. While these actions are aligned with the stated purpose of setting up the environment, they represent significant attack surfaces for supply chain compromise and remote code execution without clear verification of the downloaded artifacts.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill may execute code that was not reviewed in these artifacts, so the real installed behavior could differ from the package under evaluation.
The installer depends on remote code and dependency files that are not included in the reviewed package, with no pinned commit, checksum, or lockfile shown.
`curl -fsSL https://bun.sh/install | bash` ... `git clone --depth 1 https://github.com/CertainLogicAI/company-brain-os.git "$INSTALL_DIR"` ... `pip3 install -q -r "$INSTALL_DIR/requirements.txt"`
Only install if you trust the author and upstream sources; prefer a packaged, pinned release with checksums and reviewed dependency lockfiles.
A compromised or changed remote installer could run arbitrary commands on the user's machine during installation.
If Bun is missing, the installer pipes a downloaded shell script directly into bash during setup.
`if ! command -v bun &> /dev/null; then` ... `curl -fsSL https://bun.sh/install | bash`
Avoid curl-to-bash installers; download, inspect, verify, and pin installer versions before execution, ideally inside a sandbox.
Incorrect or sensitive facts added to the local brain may persist and influence future agent answers.
The skill is designed to store and reuse facts/corrections as persistent agent knowledge.
**Self-improving** | Add facts via markdown files, brain auto-learns ... `proactive` → WAL writes to brain for persistence
Review what is added to the knowledge base, avoid storing secrets or sensitive personal data, and keep a clear way to edit or delete persisted facts.
Users or agents may over-trust answers from the knowledge base without independently checking important facts.
The artifacts make absolute reliability claims that are not substantiated by the bundled files.
100% verifiable ... No hallucinations ... Zero hallucinations. Every answer backed by stored knowledge.
Treat the knowledge base as a helpful local source, not a guarantee of correctness; validate important outputs.
