Nexus Agent Framework 🔮

The package mostly implements a local knowledge-indexing / idea-generation framework as described, but contains several inconsistencies and risky artifacts (absolute user paths that would be written, undeclared API/key usage, a baked-in Telegram chat id, and a detected unicode-control prompt-injection signal) that warrant careful review before installing or running.

What to check before installing or running this skill: 1) Inspect and remove/neutralize unexpected files: review fix.py and fix_final.py — they write files to /Users/jazzxx/Desktop/... (absolute author path). If you don't recognize them, do not run them; remove or sandbox them. 2) Search for hard-coded external recipients or IDs: daily-observatory-lite/config.json contains a pre-filled telegram_chat_id. Replace it with your own or remove the Telegram pusher entirely if you don't want outbound messages. 3) Validate secrets and env usage: Tools.md and some code show usage of OPENROUTER_API_KEY and other external APIs but the skill metadata declares no required env vars. Do not provide credentials until you confirm which components genuinely need them. 4) Run in a sandbox first: execute the scripts in a disposable environment (container or VM) with no network access to observe behavior and verify outputs (memory/index.json, idea-suggestions.txt) before running on your real workspace. 5) Review cron/git-hook recommendations: the README and SKILL.md show cron and git integration examples. Only add these after you understand what will run automatically and have audited any push/notify steps. 6) Confirm dependencies and tool calls: scripts expect jq, bc, jq, tesseract, and the openclaw CLI. Install only what you trust and verify CLI commands (pusher uses subprocess to call openclaw agent). 7) Remove hidden chars and re-open SKILL.md in a safe editor to ensure there are no control characters or obfuscated instructions. If you want to proceed but lower risk: a) strip pusher.py or set telegram_chat_id to a non-functional value; b) run auto-index and idea-generator manually (inspect outputs) before enabling cron; c) ask the author to explain the purpose of the fix scripts and the prefilled chat id. If you want, I can point to the exact lines/files that are most suspicious and suggest edits to neutralize them.