ClawHub

OpenClaw Lobster Soul Forge

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed creative persona generator that can run a local randomizer and create persona files only as part of its stated purpose.

Install this only if you want a creative OpenClaw persona generator. Before letting it write files, confirm the target directory and whether SOUL.md or IDENTITY.md already exist, and review the generated persona before using it as active agent configuration.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
86% confidence
Finding
Broad trigger phrases increase the chance of accidental skill activation in unrelated conversations, which can cause the agent to enter a persona-building workflow unexpectedly. In an agent system, unintended activation can lead to inappropriate tool use, file writes, or prompt steering outside the user's actual intent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger detection table contains ambiguous phrases such as 'Random', 'Surprise me', and 'Pull' without strict scope checks. In a multi-skill environment, this can misroute normal user requests into this skill, causing unintended persona generation behavior and downstream side effects like file creation guidance.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill directs the agent to write SOUL.md and IDENTITY.md to disk, with a default of the current working directory, but does not provide a strong safety gate around filesystem modification. In practice, this can lead to unintended overwrites or writes into sensitive project directories if the user does not fully understand the side effect.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The template explicitly instructs the agent to proceed from blueprint output to writing SOUL.md and IDENTITY.md files after only asking for a target directory, but it does not require a clear user-facing warning that files will be created or overwritten there. In an agent setting, this can lead to unintended filesystem modification, especially if the user does not fully understand that confirming the directory triggers file writes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal