ClawHub

Babel Epistemic Convention

v2.0.0

Prevents metacognitive poisoning in multi-agent handoffs. Install when your agent hands off work to other agents or receives work from them. Agents that read...

0· 612·0 current·0 all-time
by@mdiskint
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description (preventing metacognitive poisoning across agent handoffs) match the SKILL.md content: vocabulary, grammar rules, and a forwarding block for propagation. It does not request unrelated credentials, binaries, or access, so the claimed purpose aligns with the actual requirements and behavior.
Instruction Scope
All runtime instructions are confined to how agents should annotate and forward epistemic metadata. The forwarding block explicitly instructs recipients to include the block in their outputs; this is social propagation rather than a technical enforcement mechanism. The MUST/SHOULD grammar rules are concrete and scoped, but they rely entirely on cooperating agents to follow them (they do not enforce or collect system state or secrets).
Install Mechanism
This skill is instruction-only and has no install spec (lowest risk). It references an optional npm package (babel-validate) as the 'hardened path' for machine-parseable enforcement; that package is not included or fetched by the skill itself, so any install risk arises only if you choose to install that package separately. If you plan to use the hardened path, audit the npm package and its provenance before installing.
Credentials
The skill requests no environment variables, credentials, or config paths. The instructions do not access or instruct reading unrelated files or environment state. Requested privileges are proportional to the stated purpose.
Persistence & Privilege
always is false and there is no install-time persistence. disable-model-invocation is false (normal), so an agent can autonomously use the convention if it has the skill, but the skill does not force installation or modify other skills or system-wide config.
Assessment
This skill is primarily a human-/agent-level convention: it doesn't read files, require secrets, or install software by itself, so its direct technical risk is low. Before relying on it in regulated or production pipelines: (1) understand that propagation is social — recipients must cooperate to honor the labels, so it does not enforce compliance by itself; (2) if you take the 'hardened path' and install the referenced npm package (babel-validate), review the package source, version, and supply-chain risk (npm package provenance, maintainer reputation, and code audit); (3) confirm the agent(s) in your pipeline will honor the MUST rules you care about, because a downstream agent that ignores the convention can still promote inferred claims to VERIFIED_DATA; and (4) if you need technical enforcement (audit logs, immutable envelopes), plan to integrate an audited implementation rather than relying solely on the forwarding block.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bv2vf4bn9xa4hczp2txhh7d81ejv2

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments