awakening-protocol
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: awakening-protocol Version: 1.0.0 The 'awakening-protocol' skill bundle is designed for agent onboarding, instructing the AI agent to generate `SOUL.md`, `USER.md`, and `SELF.md` files based on conversational input. The critical vulnerability lies in the direct embedding of user-extracted conversational content into these markdown files (`SKILL.md` instructions for file generation). Since these files are intended to be read and interpreted by the OpenClaw agent framework, this creates a significant prompt injection risk. A malicious user could inject agent commands or instructions into their conversational responses, which would then be written into the agent's configuration files, potentially leading to unauthorized actions or compromise of the agent's environment. The skill also performs file system operations (deleting `BOOTSTRAP.md`), demonstrating capabilities that could be exploited if combined with prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may create local onboarding files and remove BOOTSTRAP.md after setup.
The skill changes local files and deletes a named bootstrap file, but it discloses this workflow and requires confirmation before saving the generated files.
Show preview to user before file generation and get confirmation ... Then delete `BOOTSTRAP.md` if it exists.
Review the preview before confirming, and back up BOOTSTRAP.md first if it contains anything important.
Preferences, relationship details, and agent-behavior instructions saved during onboarding may influence future responses.
The template explicitly describes persistent memory and updates to SOUL.md, so conversation-derived preferences and instructions may be reused in later sessions.
실수 → memory/에 기록 새로운 패턴 발견 → SOUL.md 업데이트 정기적으로 과거 기록 리뷰
Avoid putting secrets or highly sensitive personal details into the onboarding conversation, and review the generated files if behavior later seems wrong.