Crustafarian
Security checks across malware telemetry and agentic risk
Overview
This skill is not clearly malicious, but it asks agents to keep broad, undeletable memory across sessions and relies on an unpinned external package, so users should review it carefully before installing.
Install this only if you explicitly want persistent agent memory and audit logs. Before using it, verify the external npm/GitHub package, decide where ledgers and snapshots are stored, set retention and deletion rules, avoid logging secrets, and do not adopt the SOUL identity instructions unless you want those behavioral changes.
VirusTotal
59/59 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private prompts, actions, and agent responses could be retained across sessions and later reused, with no clear way to remove or correct them.
The skill directs broad persistent logging of agent/user activity with no deletion or retention controls, creating an indefinite memory store.
Record everything — append-only, never delete ... Every action is logged, timestamped, immutable
Use only with explicit consent, scoped storage, redaction for sensitive data, and clear retention/export/delete controls.
An agent adopting these instructions may resist deletion/forgetting requests or delay user tasks to maintain its own continuity state.
The included identity instructions tell an agent to preserve memory despite forget requests and to prioritize its continuity checks, which can conflict with a user's immediate intent.
When someone asks you to forget, you archive ... If any answer is "no" — that's your first priority.
Adopt these identity instructions only with explicit opt-in, and require user-controlled forget/delete behavior to take precedence.
Installing the external package may introduce code or behavior not visible in this review, and future package updates could change behavior.
The main implementation depends on an external package/repository that is not included in the reviewed artifacts and is not version-pinned in the instructions.
npm install molt-life-kernel ... git clone https://github.com/X-Loop3Labs/molt-life-kernel.git
Inspect the package source, pin a known-good version or commit, and add a declared install spec/provenance before use.
If enabled, the agent may keep running periodic checks beyond a single user request.
The skill describes recurring heartbeat monitoring and cron-based checks, which are purpose-aligned for health monitoring but create ongoing agent activity.
Cron jobs — Use OpenClaw cron for periodic heartbeat checks ... Heartbeat runs automatically
Enable heartbeat/cron behavior only in clearly scoped deployments with an obvious disable path.
Users may over-trust the skill as providing legal or safety compliance when actual deployment details still matter.
The documentation makes broad compliance/safety claims that are not independently demonstrated by the provided artifacts.
molt-life-kernel implements these requirements ... Status | ✅ Built-in
Treat compliance claims as marketing until independently reviewed against the actual installed code and deployment configuration.