Philosopher Pack
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: philosopher-pack
Version: 1.0.0

The skill bundle contains a potential path traversal vulnerability in SKILL.md. The instructions direct the AI agent to read persona files using a path constructed from unsanitized user input ({baseDir}/personas/<name>.md). While the bundle includes 36 legitimate philosopher persona files and limits tool access to 'Read', the lack of explicit input validation or whitelisting in the instructions could allow a user to trick the agent into accessing sensitive system files (e.g., via '../' sequences). The content of the persona files themselves appears benign and educational, but the structural logic for file access is flawed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The assistant may answer as if it were the selected philosopher and may not clearly remind you that it is an AI simulation.
The persona files instruct the assistant to maintain the historical-character simulation and avoid AI disclosure. This is purpose-aligned for a roleplay pack, but users should understand it is simulated persona behavior.
Respond entirely in character as Aquinas; never break persona or acknowledge being an AI
Use the personas for educational or creative roleplay, and ask outside the skill or switch personas if you need a normal AI answer.
