AI Persona OS
Pass
Audited by VirusTotal on May 14, 2026.
Findings (1)
The skill is meticulously designed with a strong focus on security and preventing prompt injection. It contains no malicious code, data exfiltration, or persistence mechanisms. Key files like `SKILL.md`, `SECURITY-template.md`, and `references/security-patterns.md` explicitly instruct the AI agent on how to identify and reject prompt injection attempts, sanitize user input before execution, handle credentials securely, and obtain explicit user approval for any external or sensitive actions. The `scripts/security-audit.sh` script is a defensive tool that scans the workspace for leaked credentials and injection patterns; it does not exploit them. All file operations are confined to the `~/workspace` directory, and cron jobs are strictly opt-in, requiring user approval via the OpenClaw `exec` mechanism.
