ClawHub

Instruction Anchor Guard

v1.0.0

Preserve user-critical instructions across long sessions and context compaction. Use when users mark constraints as important/must/always/never/highest-prior...

0· 292·0 current·0 all-time
by@dalomeve
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (preserve critical instructions across compaction) align with the runtime instructions: parsing user messages for constraints, persisting them to a local ledger, and injecting them into planning. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
SKILL.md directs the agent to parse user messages, create canonical anchor entries, and append them to files under workspace/memory (memory/anchors.md, memory/instruction-anchors.md, or .anchors.md). That behavior is appropriate for the stated purpose, but it does create persistent on-disk artifacts and places the agent in charge of redaction and not storing secrets—so operators should verify the agent enforces those safeguards in practice.
Install Mechanism
No install spec and no code files; instruction-only skills carry minimal install risk since nothing is downloaded or executed beyond the agent's normal behavior.
Credentials
No environment variables, credentials, or external service tokens are requested. The SKILL.md explicitly forbids storing tokens, API keys, passwords, and similar secrets in the ledger, which is consistent and proportional.
Persistence & Privilege
The skill persists anchors to local files and supports global/P0 anchors that can influence future agent behavior across turns/sessions. It does not set always:true, but the persistent ledger and support for global anchors means it can have long-lived influence; operators should confirm consent/confirmation flows for global or P0 anchors.
Assessment
This skill appears coherent, but before installing consider: (1) Confirm where anchor files will be written (workspace/memory paths) and whether those files are accessible to other processes or backups. (2) Test the confirmation flow for global/P0 anchors so high-impact rules require explicit consent. (3) Verify the agent actually redacts or refuses to persist secrets (tokens, passwords, PII) as the spec requires—don't assume enforcement. (4) Decide retention and deletion policy (expiry, archive, and /anchors delete) so anchors don't accumulate unexpectedly. (5) Run initial trials in a non-production environment to observe how anchors affect behavior, and ensure you can override or remove anchors when needed. (6) If multiple agents or users share the workspace, be aware global anchors may affect them too.

Like a lobster shell, security has layers — review code before you run it.

latestvk971hvf0pavhtxqzs71ha0q851823v0k

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

[ANCHOR] Clawdis

Comments