selfware
Security checks across malware telemetry and agentic risk
Overview
This instruction-only skill describes a file/app protocol; its local API, remote-sync, and agent-collaboration ideas are disclosed and include user-confirmation limits.
Before using a Selfware runtime or package, verify that it writes only to the declared content scope, binds any API to localhost unless you explicitly choose otherwise, asks before applying remote changes or sending context, and uses trusted remote sources.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a separate runtime implements these endpoints poorly, it could expose file-writing or update-check behavior beyond what the user expects.
The document specifies local API endpoints, including a write endpoint and a URL-based update check. These endpoints are central to the protocol, and the visible text limits writes to the canonical content scope.
GET /api/content ... POST /api/save ... GET /api/check_update?url=...; POST /api/save MUST only write within content/
Use implementations that bind to localhost, enforce writes only within content/, and require clear confirmation for update, apply, publish, or context-sharing actions.
If remote canonical data is enabled, file content may be influenced by an external URL or repository.
The protocol allows remote canonical data or update sources, which introduces external provenance. The same text requires disclosure, rollback, and user confirmation before applying remote changes.
Remote Canonical: https://floatboat.ai/selfware.md ... git:https://github.com/floatboatai/selfware.md ... remote changes MUST NOT be silently applied without user confirmation
Only enable remote canonical sources you trust, review diffs before applying changes, and keep rollback available.
Context sharing or collaboration features could send user content to another agent or service if implemented without clear recipient and data boundaries.
The protocol contemplates agent-to-agent collaboration and context sending. The visible artifact frames this as a capability that should require user confirmation.
collaboration relationships between human↔Agent and Agent↔Agent ... confirmation_required: actions that require user confirmation ... send context
Approve agent-to-agent or context-sharing actions only after seeing what data will be shared, with whom, and for what purpose.
