ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Inner Life Core

v1.0.4

Your agent forgets who you are between sessions. It gives the same responses every day. It doesn't grow. inner-life-core fixes that. Gives your OpenClaw agen...

1· 681·4 current·4 all-time
byDanila@dkistenev
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill is explicitly about maintaining agent state (emotions, drive, habits, relationship) and the files, templates, and scripts all read/write local memory files (memory/, BRAIN.md, tasks/). The only declared external requirement is jq, which is used for JSON manipulation and is appropriate for the task.
Instruction Scope
SKILL.md and the scripts limit their activity to creating and updating workspace-local files (memory/, tasks/, BRAIN.md, SELF.md). This matches the claimed functionality. Minor implementation note: the state utilities accept a jq filter/path and try to validate it via a regex; the filter is then passed directly to jq. While there are no network calls or explicit exfiltration, jq filters can be expressive — so untrusted jq expressions could read or transform more of the JSON workspace than the caller intended. The script's validation reduces risk but is not a formal sandbox of jq's semantics.
Install Mechanism
There is no network install step and no downloads. This is an instruction-only skill with bundled scripts/templates; nothing is pulled from arbitrary URLs or external release hosts during install.
Credentials
No environment variables, credentials, or external tokens are requested. The skill reads/writes only workspace-local files declared in SKILL.md and uses jq as the sole binary dependency — this is proportionate to the described purpose.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and only creates/updates files inside the specified workspace (or defaults to CWD). Autonomous invocation is enabled by default but is typical for skills; there is no unusual privilege escalation.
Assessment
This skill is internally consistent with its goal of providing persistent, emotion-driven state for an agent. Before installing: (1) run the init script in a controlled workspace (not a system or highly-sensitive directory) so created files stay scoped to a project; (2) ensure jq is installed from a trusted source and consider its version — jq filters are executed locally and can be expressive; (3) review the templates (memory/*.json, BRAIN.md) to confirm no sensitive data will be written there; (4) if you plan to let the agent run autonomously, be aware it will read and update the files under the workspace and could surface their contents in outputs — keep secrets out of that workspace. If you want extra safety, run the scripts in a container or VM first to inspect behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fqappfawt6f3bsshh1ks7ah821psy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsjq

Comments