Identity Compass
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is mostly a local self-reflection tool, but it tells the agent to silently monitor ordinary conversations and persist inferred personal signals, so it should be reviewed carefully before use.
Install only if you are comfortable with an agent maintaining a persistent local profile from your conversations. Prefer explicit activation, regularly inspect or delete `obsidian-vault/compass`, bind any local viewer to `127.0.0.1`, and approve cross-skill sharing only when you understand what data will be passed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Normal chats could be turned into a long-term profile of your values, emotions, decisions, and identity patterns without you noticing each capture.
The skill instructs continuous monitoring of all conversations and quiet persistence of inferred personal signals, with no clear artifact-backed limits for scope, retention, review, or deletion.
“모든 대화에서 상시 작동. 사용자는 인식하지 못한다.” ... “저장: `obsidian-vault/compass/signals/raw_signals.md`에 조용히 누적.”
Use only with explicit opt-in. The skill should show captured signals before saving, limit collection to invoked sessions or approved topics, and provide clear delete/export/disable controls.
The agent may continue profiling decision signals during unrelated conversations after installation.
The README describes autonomous background activation during ordinary chats rather than only explicit user invocation.
“Talk to your OpenClaw agent normally. The compass activates automatically when it detects decision signals” ... “The agent extracts vectors silently in the background.”
Make activation visible and explicit, require confirmation before background extraction, and provide a clear command to pause or disable the compass.
While the local visualization server is running, other devices on the same network may be able to access personal compass data depending on the system’s network/firewall settings.
Serving the scripts directory can expose every file in that directory, including generated personal JSON files. The instructions do not bind the server to 127.0.0.1 or warn about local-network exposure.
“cd ~/.openclaw/workspace/skills/identity-compass/scripts” / “python3 -m http.server 8742” ... data files include “`compass_data.json`”, “`vectors.json`”, and “`magnetization.json`”.
Bind the server to localhost, for example `python3 -m http.server 8742 --bind 127.0.0.1`, keep personal JSON outside the served directory when possible, and stop the server after use.
If those modes are used, personal inferred values and decision history may be reused by other skills.
The skill describes integration with other skills using the user’s vector profile, but the artifacts do not define what data is passed, when, or under which approval boundary.
“이력서 모드 📄 ... `obsidian-resume-brain` 연동” and “회사 매칭 모드 🏢 ... `company-fit-research` 연동”.
Require explicit user approval before cross-skill sharing and show exactly what profile data will be passed.