Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (舆论导向、品牌战略 / Public influence) align with the provided capabilities: the skill is a 'public relations' digital worker that saves user preferences, decisions, and context for future responses. The persistent-memory code and usage scenarios are coherent with a stateful assistant for brand strategy.
Instruction Scope
SKILL.md contains explicit Python snippets that read/write a local file at ~/.openclaw/pv_palace/memories.json and instructions that claim these functions are 'automatically called' in several scenarios. This stays within the stated purpose, but there are two concerns: (1) the snippets reference a pv_memory import (pv_memory module/file) that is not provided in the skill package (incoherence between examples and included artifacts); (2) memory is stored unencrypted and permanently unless user removes it — the skill gives no guidance on consent, retention policy, or deletion.
Install Mechanism
No install spec, no downloads, and no code files beyond SKILL.md. Instruction-only skills are lowest-risk for installation. The skill does reference running python3 commands locally, which assumes Python is available on the host.
Credentials
The skill declares no environment variables or credentials (good). It implicitly requires filesystem write/read access to the user's home directory (~/.openclaw/pv_palace/). That is proportionate to a local-memory feature but is an implicit permission that should be made explicit to end users.
Persistence & Privilege
The skill implements persistent (long-term) memory stored on disk and states these memory functions are 'automatically called' for certain events. It does not set always:true and requests no global agent config changes; however, automatic persistent writes can affect user privacy and should be controlled by user consent and clear opt-out/clear commands.
Assessment
This skill appears to do what it says: it stores persistent memories locally to support a brand/PR assistant and does not request external credentials. Before installing, consider: (1) it will create and write to ~/.openclaw/pv_palace/memories.json — check that you are comfortable with unencrypted, persistent storage of conversation content and decisions; (2) ask the author or inspect runtime behavior to confirm how and when memories are written and whether there is a delete/opt-out mechanism; (3) note the SKILL.md examples reference a pv_memory module that is not included — verify which code actually runs in your agent runtime; (4) if you need stronger privacy, run the skill in a sandboxed profile or request features like encryption, retention limits, and explicit user confirmation before storing sensitive items.Like a lobster shell, security has layers — review code before you run it.
Digital-Workervk97f27fws2764y3xha01ebqsk98340vcPsyVectorvk97aza2fjbm462xvpj3rc9s829835d98latestvk97739syg7j9bhvpk86b5psk3n84f3vg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.