Bootstrap Review
v1.0.0Review an agent workspace's boot files (AGENTS.md, USER.md, SOUL.md, MEMORY.md, IDENTITY.md, TOOLS.md, and optional HEARTBEAT.md) against registry-backed con...
⭐ 0· 55·1 current·1 all-time
byGreg Tysick@gregtysick
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name and description match the runtime instructions: the skill audits boot files (IDENTITY.md, SOUL.md, USER.md, MEMORY.md, AGENTS.md, TOOLS.md, HEARTBEAT.md) against a registry-backed context. It does not ask for unrelated credentials, binaries, or services.
Instruction Scope
Instructions correctly limit reads to the registered supporting context and the agent workspace. The skill will read files under ~/.openclaw/registries and workspace-relative paths, and may create ~/.openclaw/registries/boot_context_registry.json if missing. Caution: the registry entries may point to absolute or mounted paths (including 'absolute_wsl' or 'path_registry_key' resolutions), so the actual files read depend on what the registry/path registry contains; ensure those registry entries do not reference sensitive system files.
Install Mechanism
No install spec and no code files — instruction-only skill. Nothing will be downloaded or installed by the skill itself.
Credentials
The skill declares no required environment variables, credentials, or external services. Its data access is filesystem-based and scoped to the registry and workspace described in SKILL.md, which is proportional to an auditor/refactor tool.
Persistence & Privilege
always is false and model invocation is normal. The skill may create or write its own registry file (~/.openclaw/registries/boot_context_registry.json) and may use a staging_dir in the workspace (e.g., .boot-review). These writes are reasonable for staging reviews, but users should confirm and control where staging directories are created.
Assessment
This skill appears coherent and limited to reviewing boot files. Before installing or running it: (1) Inspect ~/.openclaw/registries/path_registry.json and any boot_context_registry entries to ensure they don't resolve to sensitive system or personal files; (2) if you prefer, create a controlled boot_context_registry.json that only references the intended workspace paths; (3) be aware the skill may create a registry file and a workspace staging directory (e.g., .boot-review) — if you want to avoid writes, tell the skill to only run read-only audits; (4) because it can read files the registry points to, avoid registering secrets or private system paths in the registry. Otherwise the skill's requests and behavior are proportionate to its stated purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk974y535pngdychpsmce7cqssh83qnp3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.