Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Belief Discoverer
v1.0.0
Automatically discover what your AI agent believes by analyzing its real outputs — Pattern-Based Distillation for agent behavior
by LiveNeon.ai (@liveneon)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a remote service (Live Neon) that ingests an agent's outputs and runs Pattern-Based Distillation. That purpose reasonably requires a network endpoint and an API token. However, the published metadata claims no required environment variables or binaries, which is inconsistent with the skill's own Quick Start (it sets LIVE_NEON_TOKEN and LIVE_NEON_BASE and lists curl/jq as dependencies). The skill does not ask for unrelated credentials, so the capability itself is plausible, but the metadata omission is misleading.
Instruction Scope
Runtime instructions direct the agent to register and POST data to https://persona.liveneon.ai and to set LIVE_NEON_TOKEN and LIVE_NEON_BASE. The doc also describes ingesting many content sources (GitHub commits/files, websites, RSS, Twitter/X, LinkedIn exports). The instructions do not explicitly require local filesystem reads, but they do imply uploading possibly sensitive agent outputs and organizational content to a third-party service. The approval workflow is claimed, but the SKILL.md gives the agent commands that would transmit data externally — users should verify how content is selected and approved before upload.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing will be written to disk by the skill itself. That reduces installation risk. The SKILL.md does list runtime dependencies (curl, jq) but the registry metadata did not declare them — another metadata inconsistency to resolve.
Credentials
The SKILL.md requires an API token (LIVE_NEON_TOKEN) and base URL (LIVE_NEON_BASE) to operate, but the registry metadata lists no required env vars or primary credential. Requesting a single token for the service is proportionate to the stated function, but the missing declaration is a red flag. Also, because the skill ingests diverse content sources (some of which may require additional credentials), it's unclear whether further secrets will be requested or needed at runtime.
Persistence & Privilege
The skill is not marked always:true and is user-invocable. It does allow normal autonomous invocation (disable-model-invocation:false) which is the platform default. There is no evidence the skill requests persistent system-wide privileges or modifies other skills' configs.
What to consider before installing
Do not install or run this skill until the following are clear:
(1) Ask the publisher to update the registry metadata to declare required env vars (LIVE_NEON_TOKEN, LIVE_NEON_BASE) and runtime dependencies (curl, jq).
(2) Confirm exactly what agent outputs and org data will be uploaded, how they are selected, and whether uploads require explicit human approval.
(3) Verify the token's scope and retention policy (use least-privilege, short-lived or revocable tokens).
(4) Review the Live Neon privacy/security policy and where data is stored/processed.
(5) If you must test, run with only non-sensitive sample data and with network access monitored.
The main concern is that the skill will transmit agent outputs to a third-party service while the published metadata omits that requirement — treat the omission as a potential safety/visibility gap.
Like a lobster shell, security has layers — review code before you run it.
latestvk97e4gf91453cemhd24q57g0w183rxc8
