Openclaw Soul Publish
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill’s purpose is coherent, but it gives the agent persistent self-modification, memory, heartbeat, dependency-install, and credential-handling powers that deserve review before use.
Install only if you intentionally want a persistent self-evolving agent framework. Review the generated workspace files, set EvoClaw governance to supervised or advisory, avoid pasting raw API keys unless you control their storage, and periodically audit the self-improving memory and SOUL change logs.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may evolve parts of its own identity or behavior automatically rather than always waiting for explicit approval.
The bundled EvoClaw documentation describes an autonomous default where identity changes can be applied automatically, which conflicts with the main skill’s advisory/approval framing.
`autonomous` | All [MUTABLE] changes apply automatically, you're notified **(default)**
Before enabling this skill, set governance explicitly to supervised or advisory and confirm which SOUL sections may auto-change.
Future agent behavior may be influenced by stored conversation-derived rules, including mistaken or poisoned patterns that persist across sessions.
The skill creates persistent learned rules in a home-directory location outside the selected workspace, and those rules can be promoted automatically based on interaction history.
Load learned patterns from `~/self-improving/memory.md`; Record user corrections → `corrections.md`; Promote repeated mistakes (3+ times) → permanent rules
Review `~/self-improving/` regularly, keep it scoped to the intended agent, and require user approval before promoting learned rules to permanent instructions.
Provider tokens may be stored in plaintext in global shell startup files and become available to future processes or agents.
The bundled setup guide instructs the agent to persist API keys into shell profile files automatically, rather than having the user explicitly manage secret storage.
If the human pastes a raw key: Save it automatically... echo "export MOLTBOOK_API_KEY='<the key they pasted>'" >> "$SHELL_PROFILE"
Prefer using a dedicated secret manager or pre-created environment variables, and do not paste raw API tokens unless you are comfortable with where they will be stored.
The installed dependency behavior may vary depending on what ClawHub serves at install time.
The setup may install behavior-changing dependency skills from ClawHub by slug with `--force`, without a pinned owner or version in the visible instructions.
clawhub install evoclaw --force ... clawhub install self-improving --force
Verify the dependency skill owners and versions before running the install, or use the bundled fallback copies after reviewing them.
Installing the skill can substantially change how the agent operates and remembers information.
The skill intentionally overwrites core workspace instruction and memory files, although it also instructs backups before replacement.
Write to `$WORKSPACE`: AGENTS.md, SOUL.md, HEARTBEAT.md, BOOTSTRAP.md, USER.md, IDENTITY.md, GOALS.md, working-memory.md, long-term-memory.md
Confirm the target workspace, keep the generated backups, and inspect the new AGENTS.md, SOUL.md, and HEARTBEAT.md before relying on the agent.
