Jarvis Core
ReviewAudited by ClawScan on May 10, 2026.
Overview
This prompt-only Jarvis skill is coherent and has no executable code, but it asks the agent to keep persistent personal memories, read them automatically, act proactively, and make broad trust claims.
Install only if you want a highly persistent personal assistant. Before using it, limit it to a dedicated workspace, require confirmation for irreversible actions, inspect or disable the memory paths such as ~/self-improving, ~/characters, ~/.tiered-recall, ~/SOUL.md, ~/USER.md, and ~/MEMORY.md, and do not rely on the README's absolute privacy or safety claims without checking your agent platform's real data-handling settings.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could inspect personal/project context and make workspace changes before the user clearly approves the specific action.
The skill tells the agent to automatically read local context files at session start and to perform irreversible internal workspace actions after only explaining them, not after explicit user confirmation.
每次新会话自动执行(不等指令)...读 SOUL.md → 读 USER.md...读 .tiered-recall/index.json...; workspace内部 | ❌ | 说明后执行
Require explicit confirmation before reading sensitive files or performing any irreversible write/delete, and restrict the skill to a dedicated workspace or known memory directory.
Sensitive emotional and relationship information may persist across sessions, and incorrect or outdated memories could influence future recommendations.
The skill directs automatic logging of user emotion data and relationship patterns into persistent files that are later reused for advice and context.
每次用户消息进来 → 自动打标情绪档位...写入日志; 存储:~/self-improving/events.jsonl; 存储:~/characters/[角色名]/patterns.md
Review and periodically delete or edit the memory files, avoid using this skill for highly sensitive topics unless you want them stored, and require opt-in for emotional or relationship logging.
If the host agent honors these instructions, it may continue scanning memories, updating indexes, or contacting the user without a fresh request.
The instructions describe recurring autonomous maintenance and proactive messaging, which goes beyond a single user-invoked task.
心跳系统: 2-4次/天轮流执行:记忆维护、索引更新、悬挂任务检查、关系模式扫描... 主动发声:重要截止临近 / 距上次对话 >8小时且有待跟进项
Disable or gate heartbeat/proactive behavior unless explicitly scheduled by the user, and make all background maintenance opt-in and visible.
Users may share more sensitive data or grant more autonomy than they otherwise would because the skill overstates privacy and safety guarantees.
The README makes absolute privacy and safety assurances, but the artifact set is prompt-only and does not provide enforceable controls proving those guarantees.
它会泄露我的隐私吗? 不会。...所有用户数据...默认存本地,不上云...数据所有权 100% 在你手里...它会突然变得不可控吗? 不会。
Treat these statements as design goals, not guarantees; verify the host platform's data handling and add explicit privacy and confirmation rules before use.