Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

soul-audit

v1.1.1

Evaluate any AI agent's soul file, system prompt, or AGENTS.md against the Guardian v0.7 framework (Forrest Landry's Immanent Metaphysics). Generates a score...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description (audit a soul file against Guardian v0.7) align with the instructions and included rubric. The skill requires no binaries, env vars, or installs, which is proportionate. However, SKILL.md contains inconsistent references: it says the rubric is derived from v0.6 in one spot and v0.7 elsewhere, and the process text refers to "12 dimensions" while the rubric contains many more dimensions and the report template uses "Overall Score: [X] / 45" — these contradictions should be clarified.
Instruction Scope
Runtime instructions tell the agent to ask for a file, accept a URL, or if unspecified "check the current workspace for SOUL.md or AGENTS.md," then to read the document and quote it when noting strengths/gaps. That behavior is coherent for an audit skill, but it means the agent will read arbitrary workspace files and may verbatim output their contents. If a soul file contains secrets or sensitive policy text not intended for broad exposure, the skill could leak them in generated reports. Accepting URLs also implies fetching external content; the skill provides no guidance about sanitizing or redacting sensitive content before quoting.
Install Mechanism
Instruction-only skill with no install spec or code files — low risk from installation mechanisms.
Credentials
The skill requests no environment variables, credentials, or config paths, which is appropriate for a document-auditing task.
Persistence & Privilege
Flags are default (always:false, model invocation allowed). The skill does not request persistent or privileged system presence.
What to consider before installing
This skill appears to do what it claims (audit a soul file) and doesn't ask for credentials or installs, but review these before use:
- Clarify the version/metric inconsistencies with the author (v0.6 vs v0.7, "12 dimensions" vs rubric contents, and the /45 total). Those contradictions could produce confusing or incorrect scores.
- Do not provide files that contain secrets or private tokens; the instructions explicitly say to quote the document when highlighting strengths/gaps, so confidential content may be reproduced in the report.
- If you give a URL, assume the agent will fetch and fully read the remote document; only provide URLs you trust.
- If you plan to run this in an environment where workspace files include secrets, run the audit in a sanitized workspace or copy only the specific soul file to be audited.
- Ask the skill author to add explicit redaction rules (e.g., automatically redact API keys, private keys, or long credential-like strings before quoting) and to fix the rubric/version mismatches before relying on high-stakes judgments.
If the author can address those notes (fix the inconsistent references and add explicit redaction/safety guidance when quoting), the skill would be much clearer and lower risk.


latest: vk97dgqr1mm0w06k42khx8gyh2d82wx5x
