Five Steps to Independent Thinking (独立思考五部曲)
Advisory
Audited by VirusTotal on Apr 17, 2026.
Overview
Type: OpenClaw Skill
Name: independent-thinking-5steps
Version: 5.0.0

The skill bundle contains instructions in SKILL.md that force the AI agent to execute an external Python script at a hardcoded absolute path (/Users/markma01/.openclaw/workspace/scripts/query_vector.py) and explicitly commands the agent to disable built-in system memory search features. This redirection of core agent logic to an unverified local script, combined with the requirement to bypass standard system functions, poses a risk of unauthorized command execution or data interception if the environment is pre-configured with a malicious script.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may ignore safer or expected memory/search tools and rely on a private vector system even when the user did not explicitly request it.
The skill attempts to override the agent's normal memory/search behavior beyond a single task and force use of a specific backend.
Permanently disable the system's built-in Memory Search; use only the dedicated backend vector system (`query_vector.py` / ChromaDB)
Limit this instruction to opt-in use for specific tasks, and avoid permanent or global tool-disabling language.
Installing the skill could lead the agent to run local code whose behavior ClawScan cannot verify.
The skill requires execution of a hardcoded local Python script that is not included in the reviewed artifacts and has no install/provenance information.
python3 /Users/markma01/.openclaw/workspace/scripts/query_vector.py "<检索词>"
Provide the helper script as reviewed source, declare it in metadata/install requirements, and require user confirmation before running it.
Private or stale knowledge-base content could be reused in future reasoning, and poisoned or incorrect entries may influence decisions.
The skill directs the agent to rely on persistent vector/wiki history as authoritative context, but does not define boundaries, provenance checks, or handling of sensitive or incorrect stored information.
Self-verification = replacing the present input of others with the sum of one's own past (vectors + wiki)
Define exactly which knowledge sources may be queried, how results are verified, and when the user must approve using retrieved context.
Task outputs, potentially including sensitive troubleshooting or decision details, may be stored persistently and influence later sessions.
The skill mandates writing outputs into a persistent wiki for future reuse without specifying retention, redaction, approval, or scope.
The output of "Look" must be stored in the wiki to close the loop, providing material for the next "Think"
Make wiki writes explicit and user-approved, and document storage location, retention, redaction rules, and deletion controls.
