Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Sage Decision Journal
v0.1.0
A decision capture and review system that records every significant choice — with context, reasoning, and alternatives — so you can detect your own blind spo...
⭐ 1 · 604 · 2 current · 2 all-time
by @evanl1
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name and description (decision capture/review) align with capturing and analyzing decisions. The declared dependency on 'sage-cognitive' is coherent (it uses identity/behavioral profile). However, the skill explicitly says it "runs silently alongside sage-cognitive" and listens to every conversation — that's broader than a simple on-demand journal and expands the scope of data collection beyond what some users would reasonably expect.
Instruction Scope
SKILL.md directs the agent to detect both explicit and implicit decisions across every conversation, infer unstated reasons, and store structured records. It does not specify storage location, retention policy, access controls, or allowed destinations for recorded data. That combination (automatic always-on capture + inference of private context + unspecified storage/transmission) creates a significant privacy and scope creep risk.
Install Mechanism
No install spec or code files are present (instruction-only), so there is no on-disk installer or third-party binary being fetched. That reduces supply-chain/code-execution risk, but being instruction-only also means behavior depends entirely on the host agent's implementation and the agent's memory/storage/config — which is not constrained by the skill.
Credentials
The skill declares no required environment variables or credentials, which superficially lowers credential risk. However, because it instructs automatic recording and later analysis, the absence of a declared storage destination or required credentials is notable: either the skill expects to persist data in the agent's memory (potentially exported elsewhere) or omits necessary details. The lack of explicit storage and access controls is disproportionate to the sensitivity of inferred context and makes data leakage possible.
Persistence & Privilege
The skill is not marked 'always:true', but SKILL.md says it "runs silently" and "you don't need to invoke it explicitly — it listens for decision signals in every conversation." That instructs autonomous, persistent monitoring behavior. Autonomous invocation combined with broad data capture (see instruction_scope) raises the blast radius for sensitive data collection even though the registry flags don't force always-on.
What to consider before installing
Before installing, confirm how and where captured decision records will be stored, who can access them, and how long they are retained. Ask the author:
(1) Where are logs/records persisted (local agent memory, local disk, third-party service)?
(2) If external storage is used, what endpoints and what credentials are required?
(3) Is recording truly opt-in per conversation or per user, and can automatic capture be disabled?
(4) Are there controls to review, export, and permanently delete stored decision records?
(5) What data-minimization and access controls are implemented for inferred 'WHY' and contextual fields?
If the author cannot provide clear answers, treat the skill as high-risk for privacy/exfiltration and prefer an on-demand workflow (manual capture only) or require encryption and explicit, auditable storage under your control.
Like a lobster shell, security has layers — review code before you run it.
latestvk972re6z9gr0mc5p2y3j79dz3182mkme
Runtime requirements
🪞 Clawdis
