consensus-persona-respawn

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill matches its stated purpose and shows no hidden network or exfiltration behavior, but it intentionally changes persistent consensus persona state.

Install this only if you want it to modify the configured consensus persona state. Review generated persona_set changes, keep ledger inputs trusted, and prefer locked dependency installs for reproducibility.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

65/65 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the consensus ledger contains poisoned or prompt-like red_flag text, that text could influence future persona behavior through the updated persona_set.

Why it was flagged

Prior decision ledger fields are converted into text that becomes part of a new persistent persona profile.

Skill content

for (const rf of (v.red_flags||[])) patterns.set(`red_flag:${rf}`, ...); ... bias: `Adjusted from ledger mistakes (${top.join(', ') || 'none'})`

Recommendation

Keep the configured consensus state trusted, sanitize or constrain red_flag values, and review generated persona profiles before relying on them for high-impact automation.

What this means

A mistaken or unwanted respawn can carry forward into future board decisions until the persona_set is corrected or rolled back.

Why it was flagged

The skill persists updated persona artifacts that can be consumed by later consensus workflows.

Skill content

const pw = await writeArtifact(board_id, 'persona_set', updated, statePath); response.board_writes = [{ type:'persona_respawn', ... }, { type:'persona_set', ... }]

Recommendation

Back up consensus state, review board_writes and lineage, and use explicit triggers/persona_set_id values when running in important environments.

What this means

Future installs could resolve dependency versions different from those reviewed here if the lockfile is not enforced.

Why it was flagged

Runtime dependencies are specified with caret ranges, which may allow newer compatible versions when installing without a lockfile.

Skill content

"dependencies": { "consensus-guard-core": "^1.1.15", "tsx": "^4.20.3" }

Recommendation

Use lockfile-based installs or pin exact dependency versions for production and high-assurance deployments.