Enoch Tuning

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill appears purpose-aligned rather than malicious, but it installs persistent agent rules for unsupervised work/indexing, changes local file permissions with sudo, and optionally stores long-lived X OAuth access.

Install only if you want a strongly opinionated, persistent agent setup. Before running the scripts, review and edit AGENTS.md automation tiers, disable or narrow AFK/cron behavior, define exactly which files may be indexed or remembered, change the identity-file permissions if 444 is too broad for your machine, and keep X OAuth tokens and memory files out of public repositories.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may keep doing internal work, indexing, or scheduled tasks when you are silent or away, unless you narrow these rules.

Why it was flagged

The template explicitly authorizes scheduled jobs, workspace indexing, and proactive AFK work without asking, which creates persistent autonomous behavior beyond a single user request.

Skill content

### Fully Automated (no asking required)
- Scheduled cron jobs
- Memory organization and consolidation
- Workspace indexing
- Proactive work during AFK: organize memory, update docs, work from task queue

Recommendation

Before installing, change the automation tiers to require approval for cron jobs, workspace indexing, and AFK work; define stop conditions and allowed directories.

What this means

Private facts, decisions, commitments, and personal context can be stored and reused across future sessions, including information you may not intend to become long-term agent context.

Why it was flagged

The agent is instructed to read and reuse personalized identity, user, daily log, and memory files every session, and to persist new memories, but the artifacts do not define retention limits, exclusions, or review controls.

Skill content

Every Session
1. Read `SOUL.md`
2. Read `USER.md`
3. Read `memory/YYYY-MM-DD.md` ...
"Remember this" → write to typed memory + update VAULT_INDEX.md immediately

Recommendation

Set clear memory rules before use: allowed memory paths, sensitive exclusions, retention periods, review before consolidation, and when the agent must not remember something.

What this means

Bookmark summaries or linked-content analysis could be sent to a group/channel automatically if this integration is enabled.

Why it was flagged

The optional bookmark workflow directs the agent to post analysis messages to a channel and can be wired to cron, but the prompt does not restate an approval gate or clearly bound the channel audience.

Skill content

Post to your research channel — one message per bookmark ... Cron Setup (optional) ... run `python3 scripts/x-bookmarks-sync.py --detect-new` and analyze any new bookmarks.

Recommendation

Require explicit approval before posting to any external channel, confirm whether the channel is private, and disable or narrow the cron workflow until tested.

What this means

Your personalized operating rules may become harder to edit and may be readable by other local accounts/processes on multi-user systems.

Why it was flagged

After personalization, the script uses sudo to make core identity files root-owned and mode 444, which is read-only but also readable by all local users.

Skill content

sudo chown root:staff "$WORKSPACE/SOUL.md" "$WORKSPACE/AGENTS.md"
sudo chmod 444 "$WORKSPACE/SOUL.md" "$WORKSPACE/AGENTS.md"

Recommendation

Review the script before running it; consider 400/600 or a trusted group mode instead of 444, and keep a clear undo procedure.

What this means

If enabled, the integration can keep reading your X bookmarks until the token is revoked or removed.

Why it was flagged

The X integration uses expected OAuth access for bookmark syncing, including offline refresh, and stores tokens locally.

Skill content

scopes: `bookmark.read tweet.read users.read offline.access` ... token saves automatically to `~/.openclaw/credentials/x-oauth-token.json`

Recommendation

Use a dedicated X developer app, protect the credentials directory, avoid committing token files, and revoke the token if you stop using the integration.