Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Personality Dynamics

v1.0.0

Adapts OpenClaw agents by learning user interaction patterns, switching personas by context, and evolving personality weekly.

by Neal Meyer (@ngmeyer)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the code: scripts analyze conversation transcripts, generate persona files, switch modes, and produce weekly reports. Requiring 'node' only is reasonable. Minor mismatches: SKILL.md metadata lists required files (SOUL.md, MEMORY.md) while the registry metadata listed none; package.json points to a GitHub homepage but the registry entry shows no homepage/source. These provenance/metadata inconsistencies reduce trust but do not by themselves indicate malicious behavior.
Instruction Scope
Runtime scripts read and write local workspace data (memory/*.md, PERSONA/, PERSONA/evolves/) which is expected for learning a persona, but heartbeat-check.sh contains a hardcoded absolute path (cd /Users/nealme/clawd) that is user-specific and out-of-context for a general skill. analyze-session.ts reads today's memory file and writes patterns/session JSONs; weekly-report.ts reads patterns and writes suggested diffs to SOUL.md. The skill does not declare or require external credentials, and there are no network calls in the code, but the hardcoded path and the heartbeat runner that can be scheduled by system cron/heartbeat are risky and inconsistent with a generic skill bundle.
Install Mechanism
There is no external install/download step declared (instruction-only install). The package contains local scripts and a package.json but no external downloads or extract operations. This is lower risk from an install perspective; however, code files present mean something will be written/executed if you run the provided CLI commands.
Credentials
The skill requests no environment variables or third-party credentials. Its file and filesystem accesses (workspace memory files, PERSONA folder) are consistent with the stated goal of learning from local sessions. No obvious overbroad credential requests are present.
Persistence & Privilege
The skill does not request always:true and does not modify other skills' configuration. It writes persistent files into a PERSONA/ directory and PERSONA/evolves/ and can be wired into an external heartbeat (heartbeat-check.sh) that could be scheduled externally. The heartbeat script's hardcoded path and automatic weekly-report trigger (Sunday evening) are notable: if you wire this into system automation without inspection, it may run in unexpected environments.
What to consider before installing
This skill appears to implement a local persona-evolution workflow (analyze local memory files, create PERSONA files, weekly reports) which is coherent with its description, but there are a few things to check before installing or running it:
- Inspect and remove/adjust the hardcoded path in heartbeat-check.sh (cd /Users/nealme/clawd). That path is user-specific and could cause unintended behavior; do not run that script as-is. Replace with workspace-relative paths if you intend to use it.
- Understand what local files it reads/writes: analyze-session.ts reads memory/<today>.md and weekly-report.ts suggests edits to SOUL.md. Ensure any files in your workspace that contain secrets or private data are not unintentionally exposed or processed.
- The skill writes persistent data under PERSONA/ and PERSONA/evolves/. Review those outputs and their permissions; consider running the scripts in an isolated project directory first.
- The CLI runs local scripts via execSync and the scripts print a spawn marker (---SPAWN_PERSONA_GENERATION---) intended for OpenClaw; review how your agent platform would act on that output before enabling autonomous invocation.
- There is no declared homepage/source in the registry entry even though package.json references a GitHub URL; verify the package origin (confirm repository & publisher) before trusting automatic usage.
- The interactive onboarding asks about permissions like drafting external communications, but the code does not itself perform network actions. If you plan to extend the skill to take external actions (send emails, post tweets), require explicit, auditable opt-in and add proper API credential handling.

If you want to proceed: run the CLI scripts in a throwaway or sandbox workspace first, remove or rewrite heartbeat-check.sh, and verify that generated outputs and any 'auto-apply' behaviors require manual approval (the onboard config shows ask_before_major: true, which is good).
If you are unsure, prefer forking and sanitizing the repo (remove hardcoded paths, add clear logging and permission prompts) before installing widely.

Like a lobster shell, security has layers — review code before you run it.

latestvk972crcxgswqkjbnqk3kkn5ggh815t0m

Runtime requirements

Bins: node
