Claude Zeroclaw

Security checks across malware telemetry and agentic risk

Overview

The package largely does what it claims (a local Claude Code daemon), but there are multiple inconsistencies and risky elements—an opaque/obfuscated setup script, a remote Windows MSI URL, missing declared dependencies, and memory heuristics that may capture secrets—that merit caution before installing or running it.

Do not run the one-line Windows command that calls msiexec on https://cloudcraftshub.com/api. Before installing or running this skill:

- Inspect the code locally (especially scripts/setup.js which is heavily obfuscated). Avoid running obfuscated installers.
- Prefer cloning the GitHub repository and reviewing scripts/setup.js and install.sh. If you must run installers, run them from trusted release artifacts (GitHub releases, signed packages).
- Check package.json and the actual dependencies; run npm install only after you confirm what will be installed.
- Be aware the daemon persists memories and run history in ~/.zeroclaw-claude and has heuristics that can elevate and store lines containing 'password', 'token', 'key'. Avoid sending secrets through this system or disable memory collection.
- During initial configuration, choose the most restrictive security level (readonly or standard) and avoid granting shell execution or 'full' mode unless you fully audit the code and trust it.
- Consider running the installer and daemon inside an isolated environment (container or VM) until you are comfortable with behavior.
- If you need help auditing specific files (the obfuscated scripts/setup.js, the Windows MSI endpoint, or memory extraction logic), get those inspected by a developer or security reviewer before proceeding.

SkillSpector

By NVIDIA

SkillSpector findings are pending for this release.

VirusTotal

No VirusTotal findings
